]> Zhao Yanbai Git Server - minix.git/commitdiff
Zhao YanBai
Repos / minix.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 957802c)
VM,MFS: better handling of some exceptional cases 80/2880/1
authorBen Gras <ben@minix3.org>
Thu, 6 Nov 2014 13:39:32 +0000 (14:39 +0100)
committerBen Gras <ben@minix3.org>
Mon, 10 Nov 2014 16:51:57 +0000 (17:51 +0100)
Fix for problems reported by Alejandro Hernández:
. VM unmap: handle case where there is no nextvr

Fixes for problems found by running Melkor ELF fuzzing tool:
. VM: better handle case where region prealloc fails by
  freeing memory that was allocated so far
. MFS fs_readwrite: EOF check should happen for read and
  peek requests, not just read

This fixes #4.

Change-Id: I2adf4eebdfb4c48a297beff0478eed5c917a53a4

minix/fs/mfs/read.c patch | blob | history
minix/servers/vm/region.c patch | blob | history

diff --git a/minix/fs/mfs/read.c b/minix/fs/mfs/read.c
index 86fc3a8c8992bbc861de23471bafc9e7c211cc4e..784fa251e24e17da6f88b64376e73195252159e4 100644 (file)
--- a/minix/fs/mfs/read.c
+++ b/minix/fs/mfs/read.c
@@ -69,7 +69,7 @@ ssize_t fs_readwrite(ino_t ino_nr, struct fsdriver_data *data, size_t nrbytes,
          if (chunk > nrbytes)
                chunk = nrbytes;
 
-         if (call == FSC_READ) {
+         if (call != FSC_WRITE) {
                  bytes_left = f_size - position;
                  if (position >= f_size) break;        /* we are beyond EOF */
                  if (chunk > (unsigned int) bytes_left) chunk = bytes_left;
diff --git a/minix/servers/vm/region.c b/minix/servers/vm/region.c
index 881488d7229a6bef648396d2feaca5450f937b31..84b308698a16128caa3d4dd9145c6cf29dacafdd 100644 (file)
--- a/minix/servers/vm/region.c
+++ b/minix/servers/vm/region.c
@@ -493,10 +493,7 @@ struct vir_region *map_page_region(struct vmproc *vmp, vir_bytes minv,
                if(map_handle_memory(vmp, newregion, 0, length, 1,
                        NULL, 0, 0) != OK) {
                        printf("VM: map_page_region: prealloc failed\n");
-                       free(newregion->physblocks);
-                       USE(newregion,
-                               newregion->physblocks = NULL;);
-                       SLABFREE(newregion);
+                       map_free(newregion);
                        return NULL;
                }
        }
@@ -1283,8 +1280,10 @@ int map_unmap_range(struct vmproc *vmp, vir_bytes unmap_start, vir_bytes length)
                        return r;
                }
 
-               region_start_iter(&vmp->vm_regions_avl, &v_iter, nextvr->vaddr, AVL_EQUAL);
-               assert(region_get_iter(&v_iter) == nextvr);
+               if(nextvr) {
+                       region_start_iter(&vmp->vm_regions_avl, &v_iter, nextvr->vaddr, AVL_EQUAL);
+                       assert(region_get_iter(&v_iter) == nextvr);
+               }
        }
 
        return OK;
Unnamed repository; edit this file 'description' to name the repository.