RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-31 18:18:12 +00:00
Code Issues Activity Actions

Kernel: Round down base of partial ranges provided to munmap/mprotect

Browse source 
We were failing to round down the base of partial VM ranges. This led
to split regions being constructed that could have a non-page-aligned
base address. This would then trip assertions in the VM code.

Found by fuzz-syscalls. :^)
This commit is contained in:
Andreas Kling 2021-02-13 01:49:44 +01:00
parent af0e52ca54
commit c877612211
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Kernel/Syscalls/mmap.cpp
View file

@ -272,7 +272,7 @@ int Process::sys$mprotect(void* addr, size_t size, int prot)
REQUIRE_PROMISE(prot_exec);
}
Range range_to_mprotect = { VirtualAddress(addr), PAGE_ROUND_UP(size) };
Range range_to_mprotect = { VirtualAddress((FlatPtr)addr & PAGE_MASK), PAGE_ROUND_UP(size) };
if (!range_to_mprotect.size())
return -EINVAL;
@ -343,7 +343,7 @@ int Process::sys$madvise(void* address, size_t size, int advice)
{
REQUIRE_PROMISE(stdio);
Range range_to_madvise { VirtualAddress(address), PAGE_ROUND_UP(size) };
Range range_to_madvise { VirtualAddress((FlatPtr)address & PAGE_MASK), PAGE_ROUND_UP(size) };
if (!range_to_madvise.size())
return -EINVAL;