vm_read_mem: detect address truncation
authorDmitry V. Levin <ldv@altlinux.org>
Mon, 26 Dec 2016 01:21:04 +0000 (01:21 +0000)
committerDmitry V. Levin <ldv@altlinux.org>
Mon, 26 Dec 2016 10:08:53 +0000 (10:08 +0000)
When sizeof(kernel_ureg_t) > sizeof(long), the tracee address passed
to vm_read_mem could be silently truncated.  Detect this situation
and return EIO when the tracee address does not fit into unsigned long.

* util.c (vm_read_mem): Save raddr argument into a temporary variable
truncated_raddr of type unsigned long.  Set errno to EIO and return -1
when truncated_raddr does not equal raddr.

util.c

diff --git a/util.c b/util.c
index ed95d0f205cb4e1bc4f9398b5cbde4e12e0895b7..b977924c063ef790a38398c6200799c7c046b295 100644 (file)
--- a/util.c
+++ b/util.c
@@ -1082,12 +1082,19 @@ static ssize_t
 vm_read_mem(const pid_t pid, void *const laddr,
            const kernel_ureg_t raddr, const size_t len)
 {
+       const unsigned long truncated_raddr = raddr;
+
+       if (raddr != (kernel_ureg_t) truncated_raddr) {
+               errno = EIO;
+               return -1;
+       }
+
        const struct iovec local = {
                .iov_base = laddr,
                .iov_len = len
        };
        const struct iovec remote = {
-               .iov_base = (void *) raddr,
+               .iov_base = (void *) truncated_raddr,
                .iov_len = len
        };