mmap wrapping around to 0 revisited

Benjamin LaHaise bcrl at redhat.com
Wed Mar 6 07:47:39 EST 2002


On Mon, Mar 04, 2002 at 08:05:29AM -0800, David Ashley wrote:
> The fix is in
> arch/ppc/kernel/syscalls.c
> in the sys_mmap function, change this line:
> 	err = do_mmap2(addr, len, prot, flags, fd, offset >> PAGE_SHIFT);
> to
> 	err = do_mmap2(addr, len, prot, flags, fd, (unsigned long)offset >> PAGE_SHIFT);
>
> Possibly it would be better to have the argument as an unsigned long instead
> of an off_t.

Wrong fix.  sys_mmap on ppc should really be using do_mmap which already
includes the cast to unsigned long and checks for overflow.  Arguably,
it could well check for -'ve offsets and reject them, but traditionally
Linux has accepted up to 4GB offsets with its 32 bit APIs and changing
this would break a few things like X.

		-ben

** Sent via the linuxppc-embedded mail list. See http://lists.linuxppc.org/
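
The sign-extension problem discussed in this thread, shown as an added example that is not part of the original messages or the kernel source. It models the 32-bit ppc `off_t` as `int32_t`; the names `pgoff_signed`, `pgoff_unsigned` and `checked_pgoff` are hypothetical, and the overflow check is written from the reply's description of what `do_mmap` does.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1u << PAGE_SHIFT)
#define PAGE_MASK  (~(PAGE_SIZE - 1))
#define PAGE_ALIGN(x) (((x) + PAGE_SIZE - 1) & PAGE_MASK)

typedef int32_t off32_t;   /* assumption: models a signed 32-bit off_t */

/* Shift on the signed type. Offsets >= 2GB are negative, and the
 * arithmetic shift (gcc/clang behaviour; implementation-defined in ISO C)
 * copies the sign bit into the top bits of the page offset. */
uint32_t pgoff_signed(off32_t offset)
{
    return (uint32_t)(offset >> PAGE_SHIFT);
}

/* Cast to unsigned first: the shift is logical and the top bits are 0. */
uint32_t pgoff_unsigned(off32_t offset)
{
    return (uint32_t)offset >> PAGE_SHIFT;
}

/* Hypothetical wrapper combining the unsigned cast with a wrap-around
 * check. Returns 0 and stores the page offset, or -1 if offset + len
 * would wrap past 4GB. */
int checked_pgoff(uint32_t offset, uint32_t len, uint32_t *pgoff)
{
    uint32_t aligned = PAGE_ALIGN(len);

    if (aligned < len)               /* PAGE_ALIGN itself wrapped */
        return -1;
    if (offset + aligned < offset)   /* end of mapping wraps around to 0 */
        return -1;
    *pgoff = offset >> PAGE_SHIFT;
    return 0;
}

int main(void)
{
    off32_t off = INT32_MIN;         /* bit pattern 0x80000000, i.e. 2GB */
    uint32_t pg = 0;

    printf("signed shift:   0x%08x\n", (unsigned)pgoff_signed(off));
    printf("unsigned shift: 0x%08x\n", (unsigned)pgoff_unsigned(off));
    printf("wrap check:     %d\n", checked_pgoff(0xFFFFF000u, 0x2000u, &pg));
    return 0;
}
```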




