io_posix: test the file size can actually be cast to size_t

2019-02-02 15:36:20 +11:00 · 2019-02-02 15:36:20 +11:00 · 85e9dba38c
commit 85e9dba38c
parent 72bd68e60b
1 changed files with 26 additions and 4 deletions
--- a/io_posix.cpp
+++ b/io_posix.cpp
@ -10,6 +10,7 @@

 #include "cast.hpp"
 #include "debug.hpp"
+#include "except.hpp"
 #include "posix/fd.hpp"
 #include "posix/except.hpp"

@ -18,6 +19,16 @@
 using cruft::detail::posix::mapped_file;


+///////////////////////////////////////////////////////////////////////////////
+namespace {
+    struct overflow_error : public cruft::error {
+        std::ostream& describe (std::ostream &os) const override
+        {
+            return os << "mapping is too large for the system";
+        }
+    };
+}
+
 //////////////////////////////////////////////////////////////////////////////
 mapped_file::mapped_file (const std::filesystem::path &path,
                          int fflags,
@ -27,18 +38,29 @@ mapped_file::mapped_file (const std::filesystem::path &path,


 //-----------------------------------------------------------------------------
-mapped_file::mapped_file (const ::cruft::posix::fd &src, int mflags)
+mapped_file::mapped_file (::cruft::posix::fd const &src, int const mflags)
 {
    struct stat meta;
    ::cruft::posix::error::try_value (fstat (src, &meta));

-    m_size = cruft::cast::sign<size_t> (meta.st_size);
-    if (!m_size) {
+    // Zero length mappings aren't allowed by POSIX (even though they're
+    // accepted by some systems; like Linux)
+    if (meta.st_size == 0) {
        m_data = nullptr;
        return;
    }

-    m_data = static_cast<uint8_t*> (mmap (nullptr, m_size, mflags, MAP_SHARED, src, 0));
+    // Ensure we're not trying to map more than our address space allows.
+    //
+    // It's a little nasty, but we protect a
+    if constexpr (sizeof (meta.st_size) > sizeof (size_t)) {
+        auto const hi = cruft::cast::lossless<off_t> (std::numeric_limits<size_t>::max ());
+        if (meta.st_size > hi)
+            throw overflow_error ();
+    }
+
+    m_size = cruft::cast::lossless<size_t> (meta.st_size);
+    m_data = static_cast<u08*> (mmap (nullptr, m_size, mflags, MAP_SHARED, src, 0));
    if (m_data == MAP_FAILED)
        ::cruft::posix::error::throw_code ();
 }