summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--libdiskfs/io-seek.c8
-rw-r--r--libdiskfs/rdwr-internal.c7
2 files changed, 14 insertions, 1 deletions
diff --git a/libdiskfs/io-seek.c b/libdiskfs/io-seek.c
index 9e3ff093..0018a712 100644
--- a/libdiskfs/io-seek.c
+++ b/libdiskfs/io-seek.c
@@ -46,6 +46,14 @@ diskfs_S_io_seek (struct protid *cred,
offset += np->dn_stat.st_size;
case SEEK_SET:
check:
+ /* pager_memcpy inherently uses vm_offset_t, which may be smaller than
+ off_t. */
+ if (sizeof(off_t) > sizeof(vm_offset_t) &&
+ offset > ((off_t) 1) << (sizeof(vm_offset_t) * 8))
+ {
+ err = EFBIG;
+ break;
+ }
if (offset >= 0)
{
*newoffset = cred->po->filepointer = offset;
diff --git a/libdiskfs/rdwr-internal.c b/libdiskfs/rdwr-internal.c
index 18a4ae1e..0d405517 100644
--- a/libdiskfs/rdwr-internal.c
+++ b/libdiskfs/rdwr-internal.c
@@ -58,7 +58,12 @@ _diskfs_rdwr_internal (struct node *np,
if (memobj == MACH_PORT_NULL)
return errno;
- err = pager_memcpy (diskfs_get_filemap_pager_struct (np), memobj,
+ /* pager_memcpy inherently uses vm_offset_t, which may be smaller than off_t. */
+ if (sizeof(off_t) > sizeof(vm_offset_t) &&
+ offset + *amt > ((off_t) 1) << (sizeof(vm_offset_t) * 8))
+ err = EFBIG;
+ else
+ err = pager_memcpy (diskfs_get_filemap_pager_struct (np), memobj,
offset, data, amt, prot);
if (!diskfs_check_readonly () && !notime)
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 14:32:52 +0000