From: Philippe Waroquiers
Date: Fri, 19 Sep 2014 19:35:24 +0000 (+0000)
Subject: Fix wrong checking of ARG2 of getrlimit
X-Git-Tag: svn/VALGRIND_3_11_0~973
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0560b0dc915af8a755fd95929dff39a84e394628;p=thirdparty%2Fvalgrind.git
Fix wrong checking of ARG2 of getrlimit (spotted by Florian Krohm/IBM's BEAM checker)
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@14559
---
diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c
index 79d9320f85..0fa172cda3 100644
--- a/coregrind/m_syswrap/syswrap-generic.c
+++ b/coregrind/m_syswrap/syswrap-generic.c
@@ -4115,8 +4115,12 @@ PRE(sys_setrlimit)
 arg1 &= ~_RLIMIT_POSIX_FLAG;
 #endif
- if (ARG2 &&
- ((struct vki_rlimit *)ARG2)->rlim_cur > ((struct vki_rlimit *)ARG2)->rlim_max) {
+ if (!VG_(am_is_valid_for_client)(ARG2, sizeof(struct vki_rlimit),
+ VKI_PROT_READ)) {
+ SET_STATUS_Failure( VKI_EFAULT );
+ }
+ else if (((struct vki_rlimit *)ARG2)->rlim_cur
+ > ((struct vki_rlimit *)ARG2)->rlim_max) {
 SET_STATUS_Failure( VKI_EINVAL );
 }
 else if (arg1 == VKI_RLIMIT_NOFILE) {
diff --git a/none/tests/rlimit_nofile.c b/none/tests/rlimit_nofile.c
index 135f1a14e9..c6d2be6b99 100644
--- a/none/tests/rlimit_nofile.c
+++ b/none/tests/rlimit_nofile.c
@@ -97,6 +97,12 @@ int main(int argc, char **argv)
 {
 perror("open");
 }
+
+ if (setrlimit(RLIMIT_NOFILE, NULL) != -1 || errno != EFAULT)
+ {
+ fprintf(stderr, "setrlimit non addressable arg2 must set errno=EFAULT\n");
+ exit(1);
+ }
 exit(0);
 }
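Review bot: The new addressability check in PRE(sys_setrlimit) carries no comment saying why it is there, and the reason is not obvious from the call alone: the wrapper itself reads `rlim_cur` and `rlim_max` through ARG2 in the very next branch, so a client pointer that is not readable has to be rejected before that read instead of being left to the kernel. I would add `/* ARG2 is dereferenced below by the wrapper itself; fail with EFAULT first if the client cannot read it. */` above the `if`. The cast `(struct vki_rlimit *)ARG2` is also repeated in the comparison; a single local pointer declared after the check would make the check-then-use pairing easier to audit. The function's body starts before and continues after the hunk, so whether every later read of ARG2 sits behind this check cannot be confirmed from the visible lines.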
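Review bot: The added case in none/tests/rlimit_nofile.c passes only NULL, so it would still pass if the wrapper's check were a plain NULL test that returned EFAULT; a second call with a non-NULL pointer that is not readable (for example a page that was mapped and then unmapped) would pin the behaviour that `VG_(am_is_valid_for_client)` actually adds. Some libc implementations may read the struct in user space before issuing the syscall (not confirmed for the platforms this test runs on), in which case the NULL argument would fault in the test process rather than come back as EFAULT. Printing the observed value, e.g. `fprintf(stderr, "... got errno=%d\n", errno);`, would also make a failure easier to diagnose. main's body begins outside the hunk.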