From 856319dc8a3d15c3eddf83d106e01e6f63c349a7 Mon Sep 17 00:00:00 2001
From: jsteemann
Date: Fri, 5 Oct 2018 01:29:19 +0200
Subject: [PATCH] check return value of `malloc_read_fd`

in case `malloc_read_fd` returns a negative error number, the result would afterwards be casted to an unsigned size_t, and may have theoretically caused an out-of-bounds memory access in the following `strncmp` call.
---
 src/pages.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/pages.c b/src/pages.c
index 88a9d630..479a89e5 100644
--- a/src/pages.c
+++ b/src/pages.c
@@ -567,6 +567,10 @@ init_thp_state(void) {
 close(fd);
 #endif
 
+ if (nread < 0) {
+ goto label_error;
+ }
+
 if (strncmp(buf, sys_state_madvise, (size_t)nread) == 0) {
 init_system_thp_mode = thp_mode_default;
 } else if (strncmp(buf, sys_state_always, (size_t)nread) == 0) {
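Review bot: A zero-byte read still passes the new `nread < 0` guard, and `strncmp(buf, sys_state_madvise, 0)` compares equal by definition, so an empty read would select `thp_mode_default` without ever looking at `buf`. Tightening the check to `if (nread <= 0) {` sends that case to `label_error` as well. More generally, the comparisons use `nread` as the length, so any short read that happens to be a prefix of an expected string also matches; comparing against the full expected length would be stricter, though whether that fits depends on the buffer and constants declared outside this hunk. `init_thp_state` starts and ends outside the hunk, so what `label_error` does is not visible here.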