journal: never mmap beyond file size

2011-12-28 01:53:06 +01:00 · 2011-12-28 01:53:06 +01:00 · 2a59ea54f1
parent 9cfb57c989
commit 2a59ea54f1
2 changed files with 20 additions and 1 deletions
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@ -241,6 +241,10 @@ static int journal_file_map(
        wsize = size + (offset - woffset);
        wsize = PAGE_ALIGN(wsize);

+        /* Avoid SIGBUS on invalid accesses */
+        if (woffset + wsize > (uint64_t) PAGE_ALIGN(f->last_stat.st_size))
+                return -EADDRNOTAVAIL;
+
        window = mmap(NULL, wsize, f->prot, MAP_SHARED, f->fd, woffset);
        if (window == MAP_FAILED)
                return -errno;
@ -305,6 +309,15 @@ static int journal_file_move_to(JournalFile *f, int wt, uint64_t offset, uint64_
        } else
                delta = 0;

+        if (offset > (uint64_t) f->last_stat.st_size)
+                return -EADDRNOTAVAIL;
+
+        if (offset + size > (uint64_t) f->last_stat.st_size)
+                size = PAGE_ALIGN((uint64_t) f->last_stat.st_size - offset);
+
+        if (size <= 0)
+                return -EADDRNOTAVAIL;
+
        r = journal_file_map(f,
                             offset, size,
                             &w->ptr, &w->offset, &w->size,
--- a/src/journal/sd-journal.h
+++ b/src/journal/sd-journal.h
@ -36,8 +36,14 @@
 *   - extend hash tables table as we go
 *   - accelerate looking for "all hostnames" and suchlike.
 *   - cryptographic hash
- *   - never access beyond fle size check
 *   - OR of matches is borked...
+ *   - flush /run to /var
+ *   - hookup with systemctl
+ *   - local deserializer
+ *   - think about manipulations of header
+ *   - http server
+ *   - handle incomplete header
+ *   - message catalog
 */

 /* Write to daemon */