From ff8017c4a29c80a8260d658194e2ae41674906c5 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
Date: Tue, 14 Mar 2017 22:33:22 +0100
Subject: [PATCH] Never call unmap with MAP_FAILED. (#5590)

When mmap is called, the code in correctly checks for p == MAP_FAILED.

But the resource cleanup at the end of busname_peek_message checks for
p == NULL, and if that's not true, munmap is called.

Therefore in error case, munmap is called with a MAP_FAILED argument
which can result in unexpected behaviour depending on sz's value.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
---
 src/core/busname.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/core/busname.c b/src/core/busname.c
index 88b758eecb..955f6f88d8 100644
--- a/src/core/busname.c
+++ b/src/core/busname.c
@@ -764,7 +764,7 @@ static int busname_peek_message(BusName *n) {
         struct kdbus_item *d;
         struct kdbus_msg *k;
         size_t start, ps, sz, delta;
-        void *p = NULL;
+        void *p = MAP_FAILED;
         pid_t pid = 0;
         int r;
 
@@ -825,7 +825,7 @@ static int busname_peek_message(BusName *n) {
         r = 0;
 
 finish:
-        if (p)
+        if (p != MAP_FAILED)
                 (void) munmap(p, sz);
 
         cmd_free.offset = cmd_recv.msg.offset;