From 92cee5bdf51a8763d50f6ccac42aeda3ef86a0cb Mon Sep 17 00:00:00 2001
From: Ben Wiederhake
Date: Sun, 31 Jan 2021 13:28:18 +0100
Subject: [PATCH] Kernel: Demonstrate crash for invalid pointers
---
.../Kernel/invalid-path-pointer-assert.cpp | 56 +++++++++++++++++++
1 file changed, 56 insertions(+)
create mode 100644 Userland/Tests/Kernel/invalid-path-pointer-assert.cpp
diff --git a/Userland/Tests/Kernel/invalid-path-pointer-assert.cpp b/Userland/Tests/Kernel/invalid-path-pointer-assert.cpp
new file mode 100644
index 0000000000..fe503753d1
--- /dev/null
+++ b/Userland/Tests/Kernel/invalid-path-pointer-assert.cpp
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2021, Ben Wiederhake
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include
+#include
+#include
+#include
+
+int main()
+{
+ struct stat statbuf;
+ // stat(3) would call strlen, and we can't have that.
+ Syscall::SC_stat_params params {
+ // Hey Kernel, please try to read the path from this totally valid location!
+ { (const char*)0xc000dead, 50 },
+ &statbuf, false
+ };
+ int rc = syscall(SC_stat, ¶ms);
+
+ if (rc == 0) {
+ printf("stat passed?!\n");
+ printf("FAIL\n");
+ return 1;
+ }
+ if (rc != EFAULT) {
+ printf("error other than EFAULT?! rc = %d\n", rc);
+ printf("FAIL\n");
+ return 1;
+ }
+
+ printf("PASS\n");
+ return 0;
+}
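Review bot: The `rc != EFAULT` check near the end of main() compares the raw `syscall()` result with a positive errno constant. The definition of `syscall()` is not visible in this patch, so this needs confirming, but if the raw interface hands back the kernel's negative error code, a correct rejection arrives as `-EFAULT` and the test prints FAIL for a kernel that behaves properly. In that case the line should read `if (rc != -EFAULT) {`. Separately, the comment above `0xc000dead` is a joke and does not say why that address was picked; something like `// Presumably a kernel-half address (TODO confirm): the kernel must answer EFAULT instead of dereferencing it.` would tell the next reader what invariant the test pins, and the `50` deserves a word as the claimed path length.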