Commit eac78a4b authored by Helge Deller

linux-user: Fix signed math overflow in brk() syscall


Fix the math overflow when calculating the new_malloc_size.

new_host_brk_page and brk_page are unsigned integers. If userspace
reduces the heap, new_host_brk_page is lower than brk_page which results
in a huge positive number (but should actually be negative).

Fix it by adding a proper check and as such make the code more readable.

Signed-off-by: Helge Deller <deller@gmx.de>
Tested-by: "Markus F.X.J. Oberhumer" <markus@oberhumer.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Fixes: 86f04735 ("linux-user: Fix brk() to release pages")
Cc: qemu-stable@nongnu.org
Buglink: https://github.com/upx/upx/issues/683
parent dfe49864
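
The wraparound the commit message describes, as an added example that is not taken from this commit or from the QEMU source: a constructed model of the grow/shrink decision, with the subtract-first pattern beside a compare-first one. The names addr_t, brk_plan, plan_unchecked and plan_checked are hypothetical, the 64-bit width is an assumption (the message only says "unsigned integers"), and the addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: 64-bit unsigned page addresses. */
typedef uint64_t addr_t;

enum brk_action { BRK_NONE, BRK_GROW, BRK_SHRINK };

struct brk_plan {
    enum brk_action action;
    addr_t bytes;               /* size of the range to map or release */
};

/* Flawed pattern: subtract first, then treat the result as a size. */
static struct brk_plan plan_unchecked(addr_t brk_page, addr_t new_host_brk_page)
{
    /* Wraps to a huge positive value when the heap is being reduced. */
    addr_t new_malloc_size = new_host_brk_page - brk_page;
    struct brk_plan p = { new_malloc_size ? BRK_GROW : BRK_NONE, new_malloc_size };
    return p;
}

/* Checked pattern: compare first, so every subtraction is non-negative. */
static struct brk_plan plan_checked(addr_t brk_page, addr_t new_host_brk_page)
{
    struct brk_plan p = { BRK_NONE, 0 };
    if (new_host_brk_page > brk_page) {
        p.action = BRK_GROW;
        p.bytes = new_host_brk_page - brk_page;
    } else if (new_host_brk_page < brk_page) {
        p.action = BRK_SHRINK;
        p.bytes = brk_page - new_host_brk_page;
    }
    return p;
}

int main(void)
{
    addr_t brk_page = 0x405000, lower = 0x403000;   /* constructed addresses */
    struct brk_plan bad = plan_unchecked(brk_page, lower);
    struct brk_plan ok = plan_checked(brk_page, lower);
    printf("unchecked: action=%d bytes=0x%llx\n",
           bad.action, (unsigned long long)bad.bytes);
    printf("checked:   action=%d bytes=0x%llx\n",
           ok.action, (unsigned long long)ok.bytes);
    return 0;
}
```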