Commit ee4cad49 authored by Linus Torvalds's avatar Linus Torvalds

Avoid mmap() overflow case if TASK_SIZE is the

full range of an "unsigned long" (sparc64).
parent 06dd43c4
...@@ -476,10 +476,10 @@ unsigned long do_mmap_pgoff(struct file * file, unsigned long addr, ...@@ -476,10 +476,10 @@ unsigned long do_mmap_pgoff(struct file * file, unsigned long addr,
if (!len) if (!len)
return addr; return addr;
if (len > TASK_SIZE) /* Careful about overflows.. */
return -EINVAL;
len = PAGE_ALIGN(len); len = PAGE_ALIGN(len);
if (!len || len > TASK_SIZE)
return -EINVAL;
/* offset overflow? */ /* offset overflow? */
if ((pgoff + (len >> PAGE_SHIFT)) < pgoff) if ((pgoff + (len >> PAGE_SHIFT)) < pgoff)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment