From: <sv...@va...> - 2007-11-17 01:49:07
Author: sewardj
Date: 2007-11-17 01:49:06 +0000 (Sat, 17 Nov 2007)
New Revision: 7170
Log:
Don't segfault on syscall (SYS_io_destroy, 0). (Jakub Jelinek) Fixes
#147325.
Modified:
trunk/coregrind/m_syswrap/syswrap-linux.c
Modified: trunk/coregrind/m_syswrap/syswrap-linux.c
===================================================================
--- trunk/coregrind/m_syswrap/syswrap-linux.c 2007-11-17 01:35:08 UTC (rev 7169)
+++ trunk/coregrind/m_syswrap/syswrap-linux.c 2007-11-17 01:49:06 UTC (rev 7170)
@@ -1223,17 +1223,18 @@
// file-descriptors are closed...
PRE(sys_io_destroy)
{
- struct vki_aio_ring *r;
- SizeT size;
+ SizeT size = 0;
PRINT("sys_io_destroy ( %llu )", (ULong)ARG1);
PRE_REG_READ1(long, "io_destroy", vki_aio_context_t, ctx);
// If we are going to seg fault (due to a bogus ARG1) do it as late as
// possible...
- r = (struct vki_aio_ring *)ARG1;
- size = VG_PGROUNDUP(sizeof(struct vki_aio_ring) +
- r->nr*sizeof(struct vki_io_event));
+ if (ML_(safe_to_deref)( (void*)ARG1, sizeof(struct vki_aio_ring))) {
+ struct vki_aio_ring *r = (struct vki_aio_ring *)ARG1;
+ size = VG_PGROUNDUP(sizeof(struct vki_aio_ring) +
+ r->nr*sizeof(struct vki_io_event));
+ }
SET_STATUS_from_SysRes( VG_(do_syscall1)(SYSNO, ARG1) );