From b65572b3fef8b04074b5227daa567bb6e7e01ce4 Mon Sep 17 00:00:00 2001
From: Andreas Kling <kling@serenityos.org>
Date: Sat, 18 Jan 2020 11:34:53 +0100
Subject: [PATCH] Kernel: Disallow mmap names longer than PATH_MAX

---
 Kernel/Process.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index 063a660032..114bd35c86 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -245,6 +245,9 @@ int Process::sys$set_mmap_name(const Syscall::SC_set_mmap_name_params* user_para
     if (!validate_read_and_copy_typed(&params, user_params))
         return -EFAULT;
 
+    if (params.name.length > PATH_MAX)
+        return -ENAMETOOLONG;
+
     auto name = validate_and_copy_string_from_user(params.name);
     if (name.is_null())
         return -EFAULT;
@@ -323,6 +326,8 @@ void* Process::sys$mmap(const Syscall::SC_mmap_params* user_params)
 
     String name;
     if (params.name.characters) {
+        if (params.name.length > PATH_MAX)
+            return (void*)-ENAMETOOLONG;
         name = validate_and_copy_string_from_user(params.name);
         if (name.is_null())
             return (void*)-EFAULT;