Fail if file is too large to mmap.

author junglefowl <junglefowl@riseup.net>

Mon, 23 Jan 2017 19:08:54 +0000 (19:08 +0000)

committer Nick Mathewson <nickm@torproject.org>

Wed, 25 Jan 2017 18:21:44 +0000 (13:21 -0500)
author junglefowl <junglefowl@riseup.net>
Mon, 23 Jan 2017 19:08:54 +0000 (19:08 +0000)
committer Nick Mathewson <nickm@torproject.org>
Wed, 25 Jan 2017 18:21:44 +0000 (13:21 -0500)
diff --git a/changes/bug21134 b/changes/bug21134

new file mode 100644 (file)

index 0000000..b851718
--- /dev/null
+++ b/changes/bug21134
@@ -0,0 +1,5 @@
+  o Minor bugfixes (portability):
+    - Do not silently truncate content of files if they are larger
+      than SIZE_MAX bytes. This issue could occur on 32 bit systems
+      with large file support and files which are larger than 4 GB.
+      Fixes bug 21134; bugfix on 0.3.0.1-alpha.
diff --git a/src/common/compat.c b/src/common/compat.c

index ebf05f59e1a23e7f4f6477e216660708dc161cab..16b222904ab9d0e2e1c70afb6126952ed82490b7 100644 (file)
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -258,6 +258,12 @@ tor_mmap_file(const char *filename)
    page_size = getpagesize();
    size += (size%page_size) ? page_size-(size%page_size) : 0;
  
+  if (st.st_size > SSIZE_T_CEILING || size < st.st_size) {
+    log_warn(LD_FS, "File \"%s\" is too large. Ignoring.",filename);
+    errno = EFBIG;
+    close(fd);
+    return NULL;
+  }
    if (!size) {
      /* Zero-length file. If we call mmap on it, it will succeed but
       * return NULL, and bad things will happen. So just fail. */
author	junglefowl <junglefowl@riseup.net>
	Mon, 23 Jan 2017 19:08:54 +0000 (19:08 +0000)
committer	Nick Mathewson <nickm@torproject.org>
	Wed, 25 Jan 2017 18:21:44 +0000 (13:21 -0500)
changes/bug21134	[new file with mode: 0644]	patch \| blob
src/common/compat.c		patch \| blob \| blame \| history