mirror of
https://github.com/RGBCube/serenity
synced 2025-07-10 03:57:35 +00:00
Kernel: Pointer range validation should fail on wraparound
Let's reject address ranges that wrap around the 2^32 mark.
This commit is contained in:
parent
903b159856
commit
36f1de3c89
1 changed files with 4 additions and 0 deletions
|
@ -1971,6 +1971,8 @@ bool Process::validate_read(const void* address, ssize_t size) const
|
|||
ASSERT(size >= 0);
|
||||
VirtualAddress first_address((u32)address);
|
||||
VirtualAddress last_address = first_address.offset(size - 1);
|
||||
if (last_address < first_address)
|
||||
return false;
|
||||
if (is_ring0()) {
|
||||
auto kmc_result = check_kernel_memory_access(first_address, false);
|
||||
if (kmc_result == KernelMemoryCheckResult::AccessGranted)
|
||||
|
@ -1995,6 +1997,8 @@ bool Process::validate_write(void* address, ssize_t size) const
|
|||
ASSERT(size >= 0);
|
||||
VirtualAddress first_address((u32)address);
|
||||
VirtualAddress last_address = first_address.offset(size - 1);
|
||||
if (last_address < first_address)
|
||||
return false;
|
||||
if (is_ring0()) {
|
||||
if (is_kmalloc_address(address))
|
||||
return true;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue