chiark / gitweb /
journal: never mmap beyond file size
authorLennart Poettering <lennart@poettering.net>
Wed, 28 Dec 2011 00:53:06 +0000 (01:53 +0100)
committerLennart Poettering <lennart@poettering.net>
Wed, 28 Dec 2011 00:53:06 +0000 (01:53 +0100)
src/journal/journal-file.c
src/journal/sd-journal.h

index 80775e1..6c7718d 100644 (file)
@@ -241,6 +241,10 @@ static int journal_file_map(
         wsize = size + (offset - woffset);
         wsize = PAGE_ALIGN(wsize);
 
+        /* Avoid SIGBUS on invalid accesses */
+        if (woffset + wsize > (uint64_t) PAGE_ALIGN(f->last_stat.st_size))
+                return -EADDRNOTAVAIL;
+
         window = mmap(NULL, wsize, f->prot, MAP_SHARED, f->fd, woffset);
         if (window == MAP_FAILED)
                 return -errno;
@@ -305,6 +309,15 @@ static int journal_file_move_to(JournalFile *f, int wt, uint64_t offset, uint64_
         } else
                 delta = 0;
 
+        if (offset > (uint64_t) f->last_stat.st_size)
+                return -EADDRNOTAVAIL;
+
+        if (offset + size > (uint64_t) f->last_stat.st_size)
+                size = PAGE_ALIGN((uint64_t) f->last_stat.st_size - offset);
+
+        if (size <= 0)
+                return -EADDRNOTAVAIL;
+
         r = journal_file_map(f,
                              offset, size,
                              &w->ptr, &w->offset, &w->size,
index 9872e9c..7f9f785 100644 (file)
  *   - extend hash tables table as we go
  *   - accelerate looking for "all hostnames" and suchlike.
  *   - cryptographic hash
- *   - never access beyond fle size check
  *   - OR of matches is borked...
+ *   - flush /run to /var
+ *   - hookup with systemctl
+ *   - local deserializer
+ *   - think about manipulations of header
+ *   - http server
+ *   - handle incomplete header
+ *   - message catalog
  */
 
 /* Write to daemon */