From f53651de0112c46184d7346041fb8e1c8e02bba9 Mon Sep 17 00:00:00 2001
From: Ben Gras
Date: Thu, 6 Nov 2014 14:39:32 +0100
Subject: [PATCH] VM,MFS: better handling of some exceptional cases
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fix for problems reported by Alejandro Hernández:
. VM unmap: handle case where there is no nextvr
Fixes for problems found by running Melkor ELF fuzzing tool:
. VM: better handle case where region prealloc fails by freeing memory that was allocated so far
. MFS fs_readwrite: EOF check should happen for read and peek requests, not just read
This fixes #4.
Change-Id: I2adf4eebdfb4c48a297beff0478eed5c917a53a4
---
 minix/fs/mfs/read.c | 2 +-
 minix/servers/vm/region.c | 11 +++++------
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/minix/fs/mfs/read.c b/minix/fs/mfs/read.c
index 86fc3a8c8..784fa251e 100644
--- a/minix/fs/mfs/read.c
+++ b/minix/fs/mfs/read.c
@@ -69,7 +69,7 @@ ssize_t fs_readwrite(ino_t ino_nr, struct fsdriver_data *data, size_t nrbytes,
 if (chunk > nrbytes) chunk = nrbytes;
- if (call == FSC_READ) {
+ if (call != FSC_WRITE) {
 bytes_left = f_size - position;
 if (position >= f_size) break; /* we are beyond EOF */
 if (chunk > (unsigned int) bytes_left) chunk = bytes_left;
diff --git a/minix/servers/vm/region.c b/minix/servers/vm/region.c
index 881488d72..84b308698 100644
--- a/minix/servers/vm/region.c
+++ b/minix/servers/vm/region.c
@@ -493,10 +493,7 @@ struct vir_region *map_page_region(struct vmproc *vmp, vir_bytes minv,
 if(map_handle_memory(vmp, newregion, 0, length, 1, NULL, 0, 0) != OK) {
 printf("VM: map_page_region: prealloc failed\n");
- free(newregion->physblocks);
- USE(newregion,
- newregion->physblocks = NULL;);
- SLABFREE(newregion);
+ map_free(newregion);
 return NULL;
 }
 }
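Review bot: The changed test `if (call != FSC_WRITE)` in fs_readwrite carries no comment saying that the EOF clamp is now the default for every call type except a write, which is the property the fix depends on. Stating it keeps a later edit from narrowing the test back to a single call type and reopening the unclamped peek path the commit message describes. I would add above the line: `/* Only a write may go past f_size; reads and peeks are clamped to EOF. */`. The enclosing loop and the rest of fs_readwrite are outside this hunk.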
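Review bot: After the switch to `map_free(newregion)` in map_page_region's prealloc failure path, nothing visible in the hunk clears page-table entries that the partial `map_handle_memory(...)` call may already have installed for vmp. Neither helper's body is shown, so this is a point to confirm rather than a finding: if prealloc maps pages as it allocates them and map_free only releases the frames and the region bookkeeping, the process would keep translations to memory that has gone back to the allocator. If map_free already covers that, a comment on the call such as `/* map_free() also releases pages obtained by the partial prealloc */` would record why the old free/SLABFREE sequence was not enough. The function starts and ends outside this hunk.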
@@ -1283,8 +1280,10 @@ int map_unmap_range(struct vmproc *vmp, vir_bytes unmap_start, vir_bytes length)
 return r;
 }
- region_start_iter(&vmp->vm_regions_avl, &v_iter, nextvr->vaddr, AVL_EQUAL);
- assert(region_get_iter(&v_iter) == nextvr);
+ if(nextvr) {
+ region_start_iter(&vmp->vm_regions_avl, &v_iter, nextvr->vaddr, AVL_EQUAL);
+ assert(region_get_iter(&v_iter) == nextvr);
+ }
 }
 return OK;
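Review bot: The new `if(nextvr)` guard in map_unmap_range leaves v_iter un-re-seeked when no region follows, and the hunk does not show whether anything reads the iterator again before the loop ends. The loop header is outside the hunk, so please confirm that it terminates on nextvr being NULL rather than on `region_get_iter(&v_iter)`, which could still refer to the region just unmapped. A comment on the guard would make the intent explicit, for example `/* no following region: nothing to re-seek, loop ends */`. Note also that the consistency check inside the guard is an `assert`, so it gives no protection in a build where assertions are compiled out.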