diff options
| author |   tedu <tedu@openbsd.org> | 2016-07-29 20:44:40 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2016-07-29 20:44:40 +0000 |
| commit | 5e38141c55bce6ceeaf7c96a4314e752c291a198 (patch) | |
| tree | c8408ef6e55e58df35a082bf68275556cecfedc9 | |
| parent | Fix regression introduced by patch to CVE-2016-0718: Tag names were cut off in some cases. (diff) | |
| download | wireguard-openbsd-5e38141c55bce6ceeaf7c96a4314e752c291a198.tar.xz wireguard-openbsd-5e38141c55bce6ceeaf7c96a4314e752c291a198.zip | |
add a check that the arguments to isavail don't overflow.
callers should probably check too, but checking here won't hurt.
possible panic reported by tim newsham.
ok kettenis
| -rw-r--r-- | sys/uvm/uvm_map.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sys/uvm/uvm_map.c b/sys/uvm/uvm_map.c index 50504646028..254dd4da146 100644 --- a/sys/uvm/uvm_map.c +++ b/sys/uvm/uvm_map.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_map.c,v 1.217 2016/06/17 10:48:25 dlg Exp $ */ +/* $OpenBSD: uvm_map.c,v 1.218 2016/07/29 20:44:40 tedu Exp $ */ /* $NetBSD: uvm_map.c,v 1.86 2000/11/27 08:40:03 chs Exp $ */ /* @@ -771,6 +771,9 @@ uvm_map_isavail(struct vm_map *map, struct uvm_addr_state *uaddr, struct uvm_map_addr *atree; struct vm_map_entry *i, *i_end; + if (addr + sz < addr) + return 0; + /* * Kernel memory above uvm_maxkaddr is considered unavailable. */ |