diff mbox

Resend: linux-user/syscall.c - don't add GUEST_BASE to NULL pointer

Message ID 200910171945.21354.dl9pf@gmx.de
State New
Headers show

Commit Message

Jan-Simon Möller Oct. 17, 2009, 5:45 p.m. UTC 
This patch fixes the mount call. GUEST_BASE shouldn't be added to a NULL pointer on arg5 .
failing call: 
mount("rootfs", "/", 0x47a78, MS_MGC_VAL|MS_REMOUNT, 0x10000) = -1 EFAULT (Bad address)

correct call:
mount("rootfs", "/", 0x37ab0, MS_MGC_VAL|MS_REMOUNT, NULL) = 0


Signed-off-by:  Jan-Simon Möller  <dl9pf@gmx.de>
---
 linux-user/syscall.c |    8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)
diff mbox

Patch

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 673eed4..5b2ec4f 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4445,12 +4445,16 @@  abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
                        p3 = lock_user_string(arg3);
                         if (!p || !p2 || !p3)
                             ret = -TARGET_EFAULT;
-                        else
+                        else {
                             /* FIXME - arg5 should be locked, but it isn't clear how to
                              * do that since it's not guaranteed to be a NULL-terminated
                              * string.
                              */
-                            ret = get_errno(mount(p, p2, p3, (unsigned long)arg4, g2h(arg5)));
+                            if ( ! arg5 )
+                                ret = get_errno(mount(p, p2, p3, (unsigned long)arg4, NULL));
+                            else
+                                ret = get_errno(mount(p, p2, p3, (unsigned long)arg4, g2h(arg5)));
+                        }
                         unlock_user(p, arg1, 0);
                         unlock_user(p2, arg2, 0);
                         unlock_user(p3, arg3, 0);