libkmod-index: protect ourselves from corrupted indexes

If index is shorter than 12 bytes, we couldn't even read its header. Go to error handling in this case.
author: Lucas De Marchi <lucas.demarchi@profusion.mobi> 2012-06-06 09:36:29 -0300
committer: Lucas De Marchi <lucas.demarchi@profusion.mobi> 2012-06-06 09:36:29 -0300
commit: 5b05c327255405622400a6873fd955e1b5ef1aae (patch)
tree: 469f4f400c909ca5442585596bac4f4ed5e6e8a4
parent: 01d9ee642d4e592e0be7581ac52c86e78df4d88c (diff)
download: kmod-5b05c327255405622400a6873fd955e1b5ef1aae.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/libkmod/libkmod-index.c b/libkmod/libkmod-index.c
index 4ab4ed5..a5933e2 100644
--- a/libkmod/libkmod-index.c
+++ b/libkmod/libkmod-index.c
@@ -798,12 +798,14 @@ struct index_mm *index_mm_open(struct kmod_ctx *ctx, const char *filename,
 	}
 
 	fstat(fd, &st);
+	if ((size_t) st.st_size < sizeof(hdr))
+		goto fail_nommap;
 
 	if ((idx->mm = mmap(0, st.st_size, PROT_READ, MAP_PRIVATE, fd, 0))
 							== MAP_FAILED) {
 		ERR(ctx, "mmap(0, %"PRIu64", PROT_READ, %d, MAP_PRIVATE, 0): %m\n",
 							st.st_size, fd);
-		goto fail;
+		goto fail_nommap;
 	}
 
 	p = idx->mm;
@@ -833,9 +835,9 @@ struct index_mm *index_mm_open(struct kmod_ctx *ctx, const char *filename,
 	return idx;
 
 fail:
+	munmap(idx->mm, st.st_size);
+fail_nommap:
 	close(fd);
-	if (idx->mm != MAP_FAILED)
-		munmap(idx->mm, st.st_size);
 fail_open:
 	free(idx);
 	return NULL;
author	Lucas De Marchi <lucas.demarchi@profusion.mobi>	2012-06-06 09:36:29 -0300
committer	Lucas De Marchi <lucas.demarchi@profusion.mobi>	2012-06-06 09:36:29 -0300
commit	5b05c327255405622400a6873fd955e1b5ef1aae (patch)
tree	469f4f400c909ca5442585596bac4f4ed5e6e8a4
parent	01d9ee642d4e592e0be7581ac52c86e78df4d88c (diff)
download	kmod-5b05c327255405622400a6873fd955e1b5ef1aae.tar.gz