diff options
author | Lennart Poettering <lennart@poettering.net> | 2011-12-28 01:53:06 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2011-12-28 01:53:06 +0100 |
commit | 2a59ea54f136f8fcf6a4e1bdfc51448c81281a3e (patch) | |
tree | 890a2360ca953e0191b430002c0b3cefc54dfa0e /src | |
parent | 9cfb57c989b62d11c073c77179df4bb7fa19f35d (diff) |
journal: never mmap beyond file size
Diffstat (limited to 'src')
-rw-r--r-- | src/journal/journal-file.c | 13 | ||||
-rw-r--r-- | src/journal/sd-journal.h | 8 |
2 files changed, 20 insertions, 1 deletions
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c index 80775e1acf..6c7718de31 100644 --- a/src/journal/journal-file.c +++ b/src/journal/journal-file.c @@ -241,6 +241,10 @@ static int journal_file_map( wsize = size + (offset - woffset); wsize = PAGE_ALIGN(wsize); + /* Avoid SIGBUS on invalid accesses */ + if (woffset + wsize > (uint64_t) PAGE_ALIGN(f->last_stat.st_size)) + return -EADDRNOTAVAIL; + window = mmap(NULL, wsize, f->prot, MAP_SHARED, f->fd, woffset); if (window == MAP_FAILED) return -errno; @@ -305,6 +309,15 @@ static int journal_file_move_to(JournalFile *f, int wt, uint64_t offset, uint64_ } else delta = 0; + if (offset > (uint64_t) f->last_stat.st_size) + return -EADDRNOTAVAIL; + + if (offset + size > (uint64_t) f->last_stat.st_size) + size = PAGE_ALIGN((uint64_t) f->last_stat.st_size - offset); + + if (size <= 0) + return -EADDRNOTAVAIL; + r = journal_file_map(f, offset, size, &w->ptr, &w->offset, &w->size, diff --git a/src/journal/sd-journal.h b/src/journal/sd-journal.h index 9872e9c29c..7f9f78598b 100644 --- a/src/journal/sd-journal.h +++ b/src/journal/sd-journal.h @@ -36,8 +36,14 @@ * - extend hash tables table as we go * - accelerate looking for "all hostnames" and suchlike. * - cryptographic hash - * - never access beyond fle size check * - OR of matches is borked... + * - flush /run to /var + * - hookup with systemctl + * - local deserializer + * - think about manipulations of header + * - http server + * - handle incomplete header + * - message catalog */ /* Write to daemon */ |