From 62975a7740cba4bdaf1c096dd246feba854d2410 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Sun, 21 Oct 2018 01:33:11 +0200 Subject: [PATCH] BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF. When mapping memory with mmap(), we should use a fd of -1, not 0. 0 may work on linux, but it doesn't work on FreeBSD, and probably other OSes. It would be nice to backport this to 1.8 to help debugging there. --- include/common/memory.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/common/memory.h b/include/common/memory.h index 5fde4bcdd..2301e3ad5 100644 --- a/include/common/memory.h +++ b/include/common/memory.h @@ -394,12 +394,13 @@ static inline void pool_free_area(void *area, size_t __maybe_unused size) * some padding is added, the area's start address is copied at the end of the * padding to help detect underflows. */ +#include static inline void *pool_alloc_area(size_t size) { size_t pad = (4096 - size) & 0xFF0; void *ret; - ret = mmap(NULL, (size + 4095) & -4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, 0, 0); + ret = mmap(NULL, (size + 4095) & -4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); if (ret == MAP_FAILED) return NULL; if (pad >= sizeof(void *)) -- 2.47.3