Commit
linux-user: Prohibit brk() to shrink below initial heap address
Since commit 86f0473 ("linux-user: Fix brk() to release pages") it's possible for userspace applications to reduce their memory footprint by calling brk() with a lower address and free up memory. Before that commit guest heap memory was never unmapped.

But the Linux kernel prohibits reducing brk() below the initial memory address which is set at startup by the set_brk() function in binfmt_elf.c. Such a range check was missed in commit 86f0473.

This patch adds the missing check by storing the initial brk value in initial_target_brk and verifying any new brk addresses against that value.

Tested with the i386 upx binary from https://github.com/upx/upx/releases/download/v4.0.2/upx-4.0.2-i386_linux.tar.xz

Signed-off-by: Helge Deller <[email protected]>
Tested-by: "Markus F.X.J. Oberhumer" <[email protected]>
Fixes: 86f0473 ("linux-user: Fix brk() to release pages")
Cc: [email protected]
Buglink: upx/upx#683
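A small model of the range check the message describes, added here as an illustration and not taken from the QEMU commit itself. It keeps the names initial_target_brk and set_brk() from the message; do_brk(), mapped_end and the check_initial_brk toggle are assumed for the model, and no memory is actually mapped: the model only records which page range the emulator would hold, so the toggle shows the pre-fix behaviour (initial heap released) beside the fixed one (request refused, current brk returned, as the kernel does).

```c
#include <stdint.h>
#include <stdio.h>

typedef uint64_t abi_ulong;
#define PAGE_SIZE 4096ULL
#define PAGE_ALIGN(x) (((x) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))

static abi_ulong initial_target_brk; /* brk at program start, set by set_brk() */
static abi_ulong target_brk;         /* current brk as seen by the guest */
static abi_ulong mapped_end;         /* end of the heap page range the model holds */
static int check_initial_brk = 1;    /* 1: with the fix, 0: pre-fix behaviour */

/* Model of the loader's set_brk(): record the initial heap end. */
static void set_brk(abi_ulong start)
{
    initial_target_brk = target_brk = start;
    mapped_end = PAGE_ALIGN(start);
}

/* Model of brk(2): a refused request leaves brk unchanged and
   returns the current value, which is how the kernel reports it. */
static abi_ulong do_brk(abi_ulong new_brk)
{
    if (new_brk == 0) {                   /* brk(0) queries the current break */
        return target_brk;
    }
    /* The missing range check: the initial heap is never released. */
    if (check_initial_brk && new_brk < initial_target_brk) {
        return target_brk;
    }
    /* Grow or shrink the held page range to the new (aligned) end;
       a real emulator would mmap or munmap the difference here. */
    mapped_end = PAGE_ALIGN(new_brk);
    target_brk = new_brk;
    return target_brk;
}

static abi_ulong heap_mapped_end(void) { return mapped_end; }

int main(void)
{
    set_brk(0x08050123);                 /* constructed initial brk */
    do_brk(0x08060000);                  /* grow */
    do_brk(0x08055000);                  /* shrink, still above initial brk */
    printf("brk after shrink below initial: 0x%llx (held up to 0x%llx)\n",
           (unsigned long long)do_brk(0x08040000),
           (unsigned long long)heap_mapped_end());
    return 0;
}
```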