Date:      Fri, 22 Mar 1996 15:33:06 -0500
From:      Stephane Russell <stef@stef.prod.com>
Message-ID:  <199603222033.PAA00509@stef.prod.com>


BUG REPORT
----------

- File: src/gnu/usr.bin/ld/rtld.c

- Function: unmaphints

	The function maphints maps the hint file two times if the size of the hint file
is bigger than PAGSIZ:

>	hsize = PAGSIZ;
>	addr = mmap(0, hsize, PROT_READ, MAP_COPY, hfd, 0);

then

>	if (hheader->hh_ehints > hsize) {
>		if (mmap(addr+hsize, hheader->hh_ehints - hsize,
>				PROT_READ, MAP_COPY|MAP_FIXED,
>				hfd, hsize) != (caddr_t)(addr+hsize)) {
>
>			munmap((caddr_t)hheader, hsize);
>			close(hfd);
>			hheader = (struct hints_header *)-1;
>			return;
>		}

The function unmaphints forgets to unmap the second part, if necessary:

> static void
> unmaphints()
> {
>
>	if (HINTS_VALID) {
>		munmap((caddr_t)hheader, hsize);
>		close(hfd);
>		hheader = NULL;
>	}
> }

As you can see, if the hint file grows bigger than PAGSIZ, this can lead to problems.

							Stef
							102556,543@compuserve.com

Note: There is probably no e-mail address indicated on top of the letter. If you
      need to communicate with me, use the address just above this note.
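
Added example, not part of the original message and not the rtld.c code: a stand-alone C program that maps a file in two parts as the report describes, then compares unmapping only the first page with unmapping the whole range. The function names, the temporary file, the use of MAP_PRIVATE in place of MAP_COPY, and the PROT_NONE reservation before MAP_FIXED are assumptions made for the demonstration.

```c
#define _DEFAULT_SOURCE	/* MAP_ANONYMOUS and mkstemp under a strict -std= */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* 1 if the page at p is mapped: msync() fails with ENOMEM on an unmapped page. */
static int page_mapped(char *p, size_t pagesz)
{
	return !(msync(p, pagesz, MS_ASYNC) == -1 && errno == ENOMEM);
}

/*
 * Constructed demo: map a 3-page temp file as first page + MAP_FIXED remainder,
 * tear it down, and report the state of the second part.
 * unmap_all == 0 unmaps only the first page; nonzero unmaps the whole range.
 * Returns 1 if the second part is still mapped, 0 if not, -1 on setup error.
 */
int tail_left_mapped(int unmap_all)
{
	size_t pagesz = (size_t)sysconf(_SC_PAGESIZE), total = 3 * pagesz;
	char path[] = "/tmp/hints-demo-XXXXXX";	/* hypothetical stand-in file */
	int fd = mkstemp(path);
	if (fd == -1) return -1;
	unlink(path);
	if (ftruncate(fd, (off_t)total) == -1) { close(fd); return -1; }

	/* Reserve the full range so MAP_FIXED cannot replace a neighbouring map. */
	char *addr = mmap(NULL, total, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
	if (addr == MAP_FAILED) { close(fd); return -1; }
	if (mmap(addr, pagesz, PROT_READ, MAP_PRIVATE | MAP_FIXED, fd, 0) == MAP_FAILED ||
	    mmap(addr + pagesz, total - pagesz, PROT_READ, MAP_PRIVATE | MAP_FIXED,
	         fd, (off_t)pagesz) == MAP_FAILED) {
		munmap(addr, total); close(fd); return -1;
	}

	munmap(addr, unmap_all ? total : pagesz);	/* the teardown under test */
	close(fd);
	int left = page_mapped(addr + pagesz, pagesz);
	if (left) munmap(addr + pagesz, total - pagesz);	/* release the leak */
	return left;
}

int main(void)
{
	printf("first page only: tail mapped = %d\n", tail_left_mapped(0));
	printf("whole range:     tail mapped = %d\n", tail_left_mapped(1));
	return 0;
}
```

Keeping the total mapped length in a variable at map time and passing that to munmap at teardown is what removes the leftover mapping here.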

