diff options
| author | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2023-10-01 17:35:01 +0200 |
|---|---|---|
| committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2023-10-01 19:33:20 +0200 |
| commit | b63dea5ca946c3956637a7bf85a1002866b20cd6 (patch) | |
| tree | 682eb89c30f95c85a4a2b158fcdfa867c2fa56c8 /ipc | |
| parent | 126c0364bf7d72d4f2ecf1ad2f4ebe1d2667940d (diff) | |
| download | gnumach-b63dea5ca946c3956637a7bf85a1002866b20cd6.tar.gz gnumach-b63dea5ca946c3956637a7bf85a1002866b20cd6.tar.bz2 gnumach-b63dea5ca946c3956637a7bf85a1002866b20cd6.zip | |
copyinmsg: Check that we have not overflown
This if of course too late in case of a failure, but better assert than get
awful bugs, and it's really not supposed to happen.
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/ipc_kmsg.c | 2 | ||||
| -rw-r--r-- | ipc/mach_msg.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/ipc/ipc_kmsg.c b/ipc/ipc_kmsg.c index 105e54d4..33e4d57c 100644 --- a/ipc/ipc_kmsg.c +++ b/ipc/ipc_kmsg.c @@ -505,7 +505,7 @@ ipc_kmsg_get( ikm_init(kmsg, ksize); } - if (copyinmsg(msg, &kmsg->ikm_header, size)) { + if (copyinmsg(msg, &kmsg->ikm_header, size, kmsg->ikm_size)) { ikm_free(kmsg); return MACH_SEND_INVALID_DATA; } diff --git a/ipc/mach_msg.c b/ipc/mach_msg.c index fb6e6dfc..118ce4b3 100644 --- a/ipc/mach_msg.c +++ b/ipc/mach_msg.c @@ -460,7 +460,7 @@ mach_msg_trap( goto slow_get; if (copyinmsg(msg, &kmsg->ikm_header, - send_size)) { + send_size, kmsg->ikm_size)) { ikm_free(kmsg); goto slow_get; } |