linux-user: Check for bad event numbers in epoll_wait The kernel checks that the maxevents parameter to epoll_wait is non-negative and not larger than EP_MAX_EVENTS. Add this check to our implementation, so that: * we fail these cases EINVAL rather than EFAULT * we don't pass negative or overflowing values to the lock_user() size calculation Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

commit: 2ba7fae3bd688f5bb6cb08defc731d77e6bd943c [log] [tgz]
author: Peter Maydell <peter.maydell@linaro.org> Mon Jul 18 15:35:59 2016 +0100
committer: Riku Voipio <riku.voipio@linaro.org> Wed Sep 21 14:25:26 2016 +0300
tree: a2138d834c2f9d056db7c55b26118b554865be46
parent: 700fa58e4b9100d6bd77df06d2e5d1f457720c4d [diff] [blame]
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index c0e5cb0..5c19c5c 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h

@@ -2585,6 +2585,9 @@
     abi_uint events;
     target_epoll_data_t data;
 } TARGET_EPOLL_PACKED;
+
+#define TARGET_EP_MAX_EVENTS (INT_MAX / sizeof(struct target_epoll_event))
+
 #endif
 struct target_rlimit64 {
     uint64_t rlim_cur;
commit	2ba7fae3bd688f5bb6cb08defc731d77e6bd943c	[log] [tgz]
author	Peter Maydell <peter.maydell@linaro.org>	Mon Jul 18 15:35:59 2016 +0100
committer	Riku Voipio <riku.voipio@linaro.org>	Wed Sep 21 14:25:26 2016 +0300
tree	a2138d834c2f9d056db7c55b26118b554865be46
parent	700fa58e4b9100d6bd77df06d2e5d1f457720c4d [diff] [blame]