diff options
| author | peter <peter@FreeBSD.org> | 1996-03-12 06:13:08 +0000 |
|---|---|---|
| committer | peter <peter@FreeBSD.org> | 1996-03-12 06:13:08 +0000 |
| commit | a693ae062d212e1bc01433d93196ae773e193ad5 (patch) | |
| tree | d40d30681907c808c174b11315f033cb51b60492 | |
| parent | 48236277c1f77ddd9cda6e7eb41539473aeb3cac (diff) | |
| download | FreeBSD-src-a693ae062d212e1bc01433d93196ae773e193ad5.zip FreeBSD-src-a693ae062d212e1bc01433d93196ae773e193ad5.tar.gz | |
The same data segment length rounding problem that was in the elf
loader is also present in the coff loader. It was possible to get one
more page allocated than needed, which would cause brk()/malloc()/etc
to fail with ENOMEM when it tried to re-allocate the space.
Also, change a bcopy() from kernel to user space to a copyout().
| -rw-r--r-- | sys/i386/ibcs2/imgact_coff.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/sys/i386/ibcs2/imgact_coff.c b/sys/i386/ibcs2/imgact_coff.c index 332e4ae..6df08a6 100644 --- a/sys/i386/ibcs2/imgact_coff.c +++ b/sys/i386/ibcs2/imgact_coff.c @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $Id: imgact_coff.c,v 1.11 1995/12/07 12:45:48 davidg Exp $ + * $Id: imgact_coff.c,v 1.12 1996/01/19 23:00:38 dyson Exp $ */ #include <sys/param.h> @@ -124,7 +124,7 @@ load_coff_section(vmspace, vp, offset, vmaddr, memsz, filsz, prot) copy_len = (offset + filsz) - trunc_page(offset + filsz); map_addr = trunc_page(vmaddr + filsz); - map_len = round_page(memsz) - trunc_page(filsz); + map_len = round_page(vmaddr + memsz) - map_addr; DPRINTF(("%s(%d): vm_map_find(&vmspace->vm_map, NULL, 0, &0x%08lx,0x%x, FALSE, VM_PROT_ALL, VM_PROT_ALL, 0)\n", __FILE__, __LINE__, map_addr, map_len)); @@ -145,14 +145,14 @@ load_coff_section(vmspace, vp, offset, vmaddr, memsz, filsz, prot) trunc_page(offset + filsz))) return error; - bcopy(data_buf, (caddr_t) map_addr, copy_len); + error = copyout(data_buf, (caddr_t) map_addr, copy_len); if (vm_map_remove(kernel_map, (vm_offset_t) data_buf, (vm_offset_t) data_buf + PAGE_SIZE)) panic("load_coff_section vm_map_remove failed"); - return 0; + return error; } int |
