[PATCH] shmdt: check address alignment
authorHugh Dickins <hugh@veritas.com>
Fri, 24 Mar 2006 11:18:06 +0000 (03:18 -0800)
committerLinus Torvalds <torvalds@g5.osdl.org>
Fri, 24 Mar 2006 15:33:25 +0000 (07:33 -0800)
SUSv3 says the shmdt() function shall fail with EINVAL if the value of
shmaddr is not the data segment start address of a shared memory segment:
our sys_shmdt needs to reject a shmaddr which is not page-aligned.

Does it have the potential to break existing apps?

Hugh says

  "sys_shmdt() just does the wrong (unexpected) thing with a misaligned
  address: it'll fail on what you might expect it to succeed on, and only
  succeed on what it should definitely fail on.

  "That is, I think it behaves as if shmaddr gets rounded up, when the only
  understandable behaviour would be if it rounded it down.

  "Which does mean you'd have to be devious to see anything but EINVAL from
  a misaligned shmaddr there, so it's not terribly important."

Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
ipc/shm.c

index 9162123a7b23c348aca8669c56ea56bfbeacadb6..16fe2786087d003881b76df50a192cafbe8e2b1a 100644 (file)
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -814,6 +814,9 @@ asmlinkage long sys_shmdt(char __user *shmaddr)
        loff_t size = 0;
        int retval = -EINVAL;
 
+       if (addr & ~PAGE_MASK)
+               return retval;
+
        down_write(&mm->mmap_sem);
 
        /*