gvisor: validate a new map region in the mremap syscall

Right now, mremap allows to remap a memory region over MaxUserAddress, this means that we can change the stub region. PiperOrigin-RevId: 251266886
author: Andrei Vagin <avagin@google.com> 2019-06-03 10:58:38 -0700
committer: Shentubot <shentubot@google.com> 2019-06-03 10:59:46 -0700
commit: 8e926e3f74cef3d04b37c6a68ba5de966e9d9839 (patch)
tree: 65cd28e8f15b58bf337a36aaec18d155f38eefe0 /pkg/sentry/mm
parent: 216da0b733dbed9aad9b2ab92ac75bcb906fd7ee (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/pkg/sentry/mm/syscalls.go b/pkg/sentry/mm/syscalls.go
index 0368c6794..af1e53f5d 100644
--- a/pkg/sentry/mm/syscalls.go
+++ b/pkg/sentry/mm/syscalls.go
@@ -470,6 +470,16 @@ func (mm *MemoryManager) MRemap(ctx context.Context, oldAddr usermem.Addr, oldSi
 			return 0, syserror.EINVAL
 		}
 
+		// Check that the new region is valid.
+		_, err := mm.findAvailableLocked(newSize, findAvailableOpts{
+			Addr:  newAddr,
+			Fixed: true,
+			Unmap: true,
+		})
+		if err != nil {
+			return 0, err
+		}
+
 		// Unmap any mappings at the destination.
 		mm.unmapLocked(ctx, newAR)
author	Andrei Vagin <avagin@google.com>	2019-06-03 10:58:38 -0700
committer	Shentubot <shentubot@google.com>	2019-06-03 10:59:46 -0700
commit	8e926e3f74cef3d04b37c6a68ba5de966e9d9839 (patch)
tree	65cd28e8f15b58bf337a36aaec18d155f38eefe0 /pkg/sentry/mm
parent	216da0b733dbed9aad9b2ab92ac75bcb906fd7ee (diff)