RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 22:47:44 +00:00
Code Issues Activity Actions

Kernel+LibC: Don't crash upon traversal of large directories.

Browse source
This commit is contained in:
Andreas Kling 2019-03-20 18:31:12 +01:00
parent 7b32afdcfc
commit 86e2348b74
2 changed files with 16 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Kernel/FileDescriptor.cpp
View file

@ -278,8 +278,9 @@ ssize_t FileDescriptor::get_dir_entries(byte* buffer, ssize_t size)
if (!metadata.is_directory())
return -ENOTDIR;
// FIXME: Compute the actual size needed.
auto temp_buffer = ByteBuffer::create_uninitialized(2048);
int size_to_allocate = max(PAGE_SIZE, metadata.size);
auto temp_buffer = ByteBuffer::create_uninitialized(size_to_allocate);
BufferStream stream(temp_buffer);
VFS::the().traverse_directory_inode(*m_inode, [&stream] (auto& entry) {
stream << (dword)entry.inode.index();
@ -288,11 +289,12 @@ ssize_t FileDescriptor::get_dir_entries(byte* buffer, ssize_t size)
stream << entry.name;
return true;
});
stream.snip();
if (size < stream.offset())
if (size < temp_buffer.size())
return -1;
memcpy(buffer, temp_buffer.pointer(), stream.offset());
memcpy(buffer, temp_buffer.pointer(), temp_buffer.size());
return stream.offset();
}