diff options
| author | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2023-10-01 17:35:01 +0200 |
|---|---|---|
| committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2023-10-01 19:33:20 +0200 |
| commit | b63dea5ca946c3956637a7bf85a1002866b20cd6 (patch) | |
| tree | 682eb89c30f95c85a4a2b158fcdfa867c2fa56c8 /x86_64 | |
| parent | 126c0364bf7d72d4f2ecf1ad2f4ebe1d2667940d (diff) | |
| download | gnumach-b63dea5ca946c3956637a7bf85a1002866b20cd6.tar.gz gnumach-b63dea5ca946c3956637a7bf85a1002866b20cd6.tar.bz2 gnumach-b63dea5ca946c3956637a7bf85a1002866b20cd6.zip | |
copyinmsg: Check that we have not overflown
This if of course too late in case of a failure, but better assert than get
awful bugs, and it's really not supposed to happen.
Diffstat (limited to 'x86_64')
| -rw-r--r-- | x86_64/copy_user.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/x86_64/copy_user.c b/x86_64/copy_user.c index 178a7545..0d3f301b 100644 --- a/x86_64/copy_user.c +++ b/x86_64/copy_user.c @@ -363,7 +363,7 @@ size_t msg_usize(const mach_msg_header_t *kmsg) * mach_msg_header have the same size in the kernel and user variant (basically * all fields except ports and addresses) */ -int copyinmsg (const void *userbuf, void *kernelbuf, const size_t usize) +int copyinmsg (const void *userbuf, void *kernelbuf, const size_t usize, const size_t ksize) { const mach_msg_user_header_t *umsg = userbuf; mach_msg_header_t *kmsg = kernelbuf; @@ -469,6 +469,7 @@ int copyinmsg (const void *userbuf, void *kernelbuf, const size_t usize) } kmsg->msgh_size = sizeof(mach_msg_header_t) + ksaddr - (vm_offset_t)(kmsg + 1); + assert(kmsg->msgh_size <= ksize); return 0; } |