From d81f73fcb520cff58dcafda0e644b91837b26a40 Mon Sep 17 00:00:00 2001
From: jhb <jhb@FreeBSD.org>
Date: Tue, 14 Jul 2009 19:45:36 +0000
Subject: - Change mmap() to fail requests with EINVAL that pass a length of 0.
  This   behavior is mandated by POSIX. - Do not fail requests that pass a
 length greater than SSIZE_MAX   (such as > 2GB on 32-bit platforms).  The
 'len' parameter is actually   an unsigned 'size_t' so negative values don't
 really make sense.

Submitted by:	Alexander Best  alexbestms at math.uni-muenster.de
Reviewed by:	alc
Approved by:	re (kib)
MFC after:	1 week
---
 sys/vm/vm_mmap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'sys/vm/vm_mmap.c')

diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c
index cc7a0f4..2b99e36 100644
--- a/sys/vm/vm_mmap.c
+++ b/sys/vm/vm_mmap.c
@@ -229,7 +229,7 @@ mmap(td, uap)
 
 	fp = NULL;
 	/* make sure mapping fits into numeric range etc */
-	if ((ssize_t) uap->len < 0 ||
+	if (uap->len == 0 ||
 	    ((flags & MAP_ANON) && uap->fd != -1))
 		return (EINVAL);
 
-- 
cgit v1.1