Skip Menu |

This queue is for tickets about the File-Map CPAN distribution.

Report information
The Basics
Id: 56643
Status: resolved
Priority: 0/
Queue: File-Map
People
Owner: LEONT [...] cpan.org
Requestors: user42 [...] zip.com.au
Cc:
AdminCc:
Bug Information
Severity: Unimportant
Broken in: (no value)
Fixed in: 0.28

History Show all quoted text
  Thu Apr 15 18:58:31 2010 user42 [...] zip.com.au - Ticket created
Subject: length wraparound
Date: Fri, 16 Apr 2010 08:58:10 +1000
To: bug-File-Map [...] rt.cpan.org
From: Kevin Ryde <user42 [...] zip.com.au>
Nosing around the code of 0.24, I think the "correction" value applied to the length may cause it to wrap around if close to 2**32. Eg. map_file (my $str, '/dev/zero', '<', 4095, 2**32-1); => success Some printfs show it calling mmap() with length 4094 at offset 0, where I expected it might fail due to not having 2**32-1 bytes of address space on a 32-bit system. You might throw ENOMEM when length+correction is bigger than 2**32. That'd be same as when length is huge but doesn't wraparound, map_file (my $str, '/dev/zero', '<', 0, 2**32-1); => Cannot allocate memory
  Sat Apr 17 16:11:11 2010 LEONT [...] cpan.org - Severity Unimportant added
  Tue Apr 20 08:31:23 2010 LEONT [...] cpan.org - Status changed from 'new' to 'open'
  Tue Apr 20 08:31:28 2010 LEONT [...] cpan.org - Taken
  Wed Aug 25 06:29:49 2010 LEONT [...] cpan.org - Correspondence added
On Thu Apr 15 18:58:31 2010, user42@zip.com.au wrote: Show quoted text
> Nosing around the code of 0.24, I think the "correction" value applied > to the length may cause it to wrap around if close to 2**32. Eg. > > map_file (my $str, '/dev/zero', '<', 4095, 2**32-1); > => success > > Some printfs show it calling mmap() with length 4094 at offset 0, where > I expected it might fail due to not having 2**32-1 bytes of address > space on a 32-bit system. > > You might throw ENOMEM when length+correction is bigger than 2**32. > That'd be same as when length is huge but doesn't wraparound, > > map_file (my $str, '/dev/zero', '<', 0, 2**32-1); > => Cannot allocate memory
Bug is fixed in 0.28 :-)
  Wed Aug 25 06:29:50 2010 LEONT [...] cpan.org - Status changed from 'open' to 'resolved'
  Thu Aug 26 21:53:40 2010 user42 [...] zip.com.au - Correspondence added
Subject: Re: [rt.cpan.org #56643] length wraparound
Date: Fri, 27 Aug 2010 11:53:23 +1000
To: bug-File-Map [...] rt.cpan.org
From: Kevin Ryde <user42 [...] zip.com.au>
"Leon Timmermans via RT" <bug-File-Map@rt.cpan.org> writes: Show quoted text
> > Bug is fixed in 0.28 :-)
Looks likely!
  Thu Aug 26 21:53:42 2010 The RT System itself - Status changed from 'resolved' to 'open'
  Wed Sep 01 05:37:02 2010 LEONT [...] cpan.org - Status changed from 'open' to 'resolved'
  Wed Sep 01 05:37:17 2010 LEONT [...] cpan.org - Fixed in 0.28 added