From df1e2fb540368d0f9640045235f81923fa63acb7 Mon Sep 17 00:00:00 2001 From: Hugh Dickins Date: Fri, 24 Mar 2006 03:18:06 -0800 Subject: [PATCH] shmdt: check address alignment SUSv3 says the shmdt() function shall fail with EINVAL if the value of shmaddr is not the data segment start address of a shared memory segment: our sys_shmdt needs to reject a shmaddr which is not page-aligned. Does it have the potential to break existing apps? Hugh says "sys_shmdt() just does the wrong (unexpected) thing with a misaligned address: it'll fail on what you might expect it to succeed on, and only succeed on what it should definitely fail on. "That is, I think it behaves as if shmaddr gets rounded up, when the only understandable behaviour would be if it rounded it down. "Which does mean you'd have to be devious to see anything but EINVAL from a misaligned shmaddr there, so it's not terribly important." Signed-off-by: Hugh Dickins Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- ipc/shm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ipc/shm.c b/ipc/shm.c index 9162123a7b23..16fe2786087d 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -814,6 +814,9 @@ asmlinkage long sys_shmdt(char __user *shmaddr) loff_t size = 0; int retval = -EINVAL; + if (addr & ~PAGE_MASK) + return retval; + down_write(&mm->mmap_sem); /* -- cgit v1.2.3