From 66d5ebafa658b84e512cdee13bdf7e17ef5c56e1 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Tue, 31 Dec 2019 00:27:04 +0100
Subject: [PATCH] Kernel: Let's also not consider kernel regions to be valid user stacks

This one is less obviously exploitable than the previous one, but still a bug nonetheless.
---
 Kernel/VM/MemoryManager.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Kernel/VM/MemoryManager.cpp b/Kernel/VM/MemoryManager.cpp
index d6afdf0b97..d44953f6bb 100644
--- a/Kernel/VM/MemoryManager.cpp
+++ b/Kernel/VM/MemoryManager.cpp
@@ -586,8 +586,8 @@ void MemoryManager::unquickmap_page()
 
 bool MemoryManager::validate_user_stack(const Process& process, VirtualAddress vaddr) const
 {
- auto* region = region_from_vaddr(process, vaddr);
- return region && region->is_stack();
+ auto* region = user_region_from_vaddr(const_cast(process), vaddr);
+ return region && region->is_user_accessible() && region->is_stack();
 }
 
 bool MemoryManager::validate_user_read(const Process& process, VirtualAddress vaddr) const
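Review bot: The added line in validate_user_stack casts away const on `process` to call user_region_from_vaddr, which suggests that helper has no const-qualified overload; the page does not show its declaration, but if it ever mutates the process (or its region list) this cast is undefined behavior on a genuinely const object and it also hides the mutation from readers of a `const` validator. Prefer adding a `const` overload of user_region_from_vaddr (or making the lookup itself const) so the cast goes away, e.g. `auto* region = user_region_from_vaddr(process, vaddr);`. The template argument of the `const_cast` appears to have been stripped in rendering, so the exact target type cannot be confirmed from this page. The combined `is_user_accessible() && is_stack()` predicate is the right shape for a security check, but it deserves a one-line comment stating the intent: `// A valid user stack must be both a user-accessible region and a stack region; kernel regions never qualify.`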