RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-31 14:38:11 +00:00
Code Issues Activity Actions

Everywhere: Fix incorrect usages of AK::Checked

Browse source 
Specifically, explicitly specify the checked type, use the resulting
value instead of doing the same calculation twice, and break down
calculations to discrete operations to ensure no intermediary overflows
are missed.
This commit is contained in:
Idan Horowitz 2021-07-04 20:23:26 +03:00 committed by Linus Groh
parent 3f70efed9c
commit 301c1a3a58
6 changed files with 16 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Kernel/Syscalls/execve.cpp
View file

@ -942,14 +942,14 @@ KResultOr<FlatPtr> Process::sys$execve(Userspace<const Syscall::SC_execve_params
auto copy_user_strings = [](const auto& list, auto& output) {
if (!list.length)
return true;
Checked size = sizeof(*list.strings);
Checked<size_t> size = sizeof(*list.strings);
size *= list.length;
if (size.has_overflow())
return false;
Vector<Syscall::StringArgument, 32> strings;
if (!strings.try_resize(list.length))
return false;
if (!copy_from_user(strings.data(), list.strings, list.length * sizeof(*list.strings)))
if (!copy_from_user(strings.data(), list.strings, size.value()))
return false;
for (size_t i = 0; i < list.length; ++i) {
auto string = copy_string_from_user(strings[i]);