Open Source and information security mailing list archives
 
Date:	Thu, 31 Jul 2008 15:54:30 +0530
From:	"Maxin John" <maxin.john@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: regarding mprotect() implementation in 2.6.26 kernel

Dear Christoph Hellwig,

(I guess you are the right person to ask this question?)

The POSIX.2 specification of mprotect() says:

errno should be set to ENOMEM if the addresses in the range [addr,
(addr + len)] are invalid for the address space of a process, or
specify one or more pages which are not mapped.

However, in the mprotect implementation (asmlinkage long
sys_mprotect(unsigned long start, size_t len, unsigned long prot)) in
the linux/mm/mprotect.c file, if we call mprotect() with start as NULL and
len as 0, mprotect() returns 0 and does not set errno. The
following code confirms this behaviour.


*********** mprotect check code ********************

#include <stdio.h>
#include <stdlib.h>
#include <string.h>     /* strerror() */
#include <unistd.h>     /* close() */
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <errno.h>
#include <sys/mman.h>

int main(void)
{

       int fd, ret;
       char *address;
       errno = 0;

       /* the mode argument is octal */
       fd = open("./mmap_file", O_CREAT | O_RDWR, 0766);
       if (fd == -1) {
               perror("open");
               exit(EXIT_FAILURE);
       }
       address = (char *) mmap(0, 100, PROT_READ, MAP_SHARED, fd, 0);
       if (address == MAP_FAILED) {
               perror("mmap");
               exit(EXIT_FAILURE);
       }

       /* address argument is NULL and length argument is 0 */

       if ((ret = mprotect(NULL, 0, PROT_READ)) == -1) {
               printf("%s Error \n", strerror(errno));
               printf("mprotect functionality is correct.\n");
       } else {
               printf("mprotect functionality needs to be verified \n");
               exit(EXIT_FAILURE);
       }
       close(fd);
       return 0;
}

*********** mprotect check code ********************

Is there a reason to return 0 when the len is 0 and start is NULL? Is
it intentional? If not, it should be fixed.

Cheers,

Maxin B. John
Bangalore, India
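
Added example, not part of the original message and not kernel code: it goes beyond the single NULL/0 call above by comparing a zero-length request with a one-page request on an address that is page-aligned but no longer mapped, and shows a caller-side wrapper that refuses requests which change no pages. It assumes Linux; strict_mprotect(), raw_mprotect_errno() and probe_page() are hypothetical names introduced here.

```c
#define _DEFAULT_SOURCE   /* for MAP_ANONYMOUS */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* errno left by a raw mprotect() call, or 0 if the call succeeded. */
int raw_mprotect_errno(void *addr, size_t len, int prot)
{
    errno = 0;
    return mprotect(addr, len, prot) == 0 ? 0 : errno;
}

/* Hypothetical wrapper (not a libc or kernel API): reject requests that
 * change no pages, so a miscomputed length cannot pass for success. */
int strict_mprotect(void *addr, size_t len, int prot)
{
    uintptr_t page = (uintptr_t)sysconf(_SC_PAGESIZE);
    if (addr == NULL || len == 0 || (uintptr_t)addr % page != 0) {
        errno = EINVAL;
        return -1;
    }
    return mprotect(addr, len, prot);
}

/* Map one anonymous page; with unmap_it set, unmap it again (aligned, unmapped). */
void *probe_page(int unmap_it)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, page, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return NULL;
    if (unmap_it)
        munmap(p, page);
    return p;
}

int main(void)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    void *live = probe_page(0);   /* mapped first so 'gone' gets another address */
    void *gone = probe_page(1);
    if (!live || !gone) return 1;
    printf("raw, unmapped, len 0   : errno %d\n", raw_mprotect_errno(gone, 0, PROT_READ));
    printf("raw, unmapped, one page: errno %d\n", raw_mprotect_errno(gone, page, PROT_READ));
    printf("strict, NULL, len 0    : %d\n", strict_mprotect(NULL, 0, PROT_READ));
    return 0;
}
```

Code that depends on a protection change having taken effect, such as dropping write permission on a buffer, can call the wrapper so that a length of 0 surfaces as an error at the call site.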