RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 17:47:44 +00:00
Code Issues Activity Actions

Kernel: Fix integer overflow in KCOV_SETBUFSIZE ioctl

Browse source
This commit is contained in:
Patrick Meyer 2021-07-26 21:44:49 +02:00 committed by Andreas Kling
parent 4857943a71
commit d5fdb97a81
2 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Kernel/Devices/KCOVInstance.cpp
View file

@ -17,6 +17,9 @@ KCOVInstance::KCOVInstance(ProcessID pid)
KResult KCOVInstance::buffer_allocate(size_t buffer_size_in_entries)
{
if (buffer_size_in_entries < 2 || buffer_size_in_entries > KCOV_MAX_ENTRIES)
return EINVAL;
// first entry contains index of last PC
this->m_buffer_size_in_entries = buffer_size_in_entries - 1;
this->m_buffer_size_in_bytes = page_round_up(buffer_size_in_entries * KCOV_ENTRY_SIZE);