gh0s7/mckernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

process_vm_read_writev(): fix base address check for EFAULT

Browse Source
This commit is contained in:
Balazs Gerofi
2016-11-24 10:40:41 +09:00
parent e54895efde
commit 8c56c75d2c
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
kernel/syscall.c
View File

@ -7812,6 +7812,16 @@ arg_out:
ihk_mc_spinlock_lock_noirq(&lthread->vm->memory_range_lock); ihk_mc_spinlock_lock_noirq(&lthread->vm->memory_range_lock);
/* Is base valid? */
range = lookup_process_memory_range(lthread->vm,
(uintptr_t)local_iov[li].iov_base,
(uintptr_t)(local_iov[li].iov_base + 1));
if (!range) {
ret = -EFAULT;
goto pli_out;
}
/* Is range valid? */ /* Is range valid? */
range = lookup_process_memory_range(lthread->vm, range = lookup_process_memory_range(lthread->vm,
(uintptr_t)local_iov[li].iov_base, (uintptr_t)local_iov[li].iov_base,
@ -7845,6 +7855,16 @@ pli_out:
ihk_mc_spinlock_lock_noirq(&rvm->memory_range_lock); ihk_mc_spinlock_lock_noirq(&rvm->memory_range_lock);
/* Is base valid? */
range = lookup_process_memory_range(rvm,
(uintptr_t)remote_iov[li].iov_base,
(uintptr_t)(remote_iov[li].iov_base + 1));
if (range == NULL) {
ret = -EFAULT;
goto pri_out;
}
/* Is range valid? */ /* Is range valid? */
range = lookup_process_memory_range(rvm, range = lookup_process_memory_range(rvm,
(uintptr_t)remote_iov[li].iov_base, (uintptr_t)remote_iov[li].iov_base,