Kernel: Add bounds checking to recognized_symbols in dump_backtrace_impl (#372)

This adds a bounds check to the loop that writes to the buffer
'recognized_symbols'. This prevents buffer overflows in the
case when a program's backtrace is particularly large.

Fixes #371.
DrewStratford 2019-07-29 06:02:22 +12:00 committed by Andreas Kling
parent 7cabe6433e
commit 608fee9bff
Notes: sideshowbarker 2024-07-19 13:00:41 +09:00


@ -94,7 +94,7 @@ static void load_ksyms_from_data(const ByteBuffer& buffer)
RecognizedSymbol recognized_symbols[max_recognized_symbol_count];
int recognized_symbol_count = 0;
if (use_ksyms) {
for (u32* stack_ptr = (u32*)ebp; current->process().validate_read_from_kernel(VirtualAddress((u32)stack_ptr)); stack_ptr = (u32*)*stack_ptr) {
for (u32* stack_ptr = (u32*)ebp; current->process().validate_read_from_kernel(VirtualAddress((u32)stack_ptr)) && recognized_symbol_count < max_recognized_symbol_count; stack_ptr = (u32*)*stack_ptr) {
u32 retaddr = stack_ptr[1];
recognized_symbols[recognized_symbol_count++] = { retaddr, ksymbolicate(retaddr) };
}
@ -105,7 +105,7 @@ static void load_ksyms_from_data(const ByteBuffer& buffer)
}
return;
}
ASSERT(recognized_symbol_count < max_recognized_symbol_count);
ASSERT(recognized_symbol_count <= max_recognized_symbol_count);
size_t bytes_needed = 0;
for (int i = 0; i < recognized_symbol_count; ++i) {
auto& symbol = recognized_symbols[i];
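Review bot: The loop in the first hunk validates only the address held in `stack_ptr` before it reads `stack_ptr[1]`, so the return-address word one slot above is read without a check of its own; whether `validate_read_from_kernel` covers more than the single address it is given is not visible here. If it does not, a corrupted frame pointer that lands on the last word of a mapped region would still fault inside the backtrace dumper, and the condition could additionally validate `VirtualAddress((u32)&stack_ptr[1])`. Separately, the new `recognized_symbol_count < max_recognized_symbol_count` bound ends the walk silently, so a truncated backtrace cannot be told apart from a complete one; a comment such as `// Stops after max_recognized_symbol_count frames; deeper frames are dropped.` or a marker line in the dump would make that visible. The enclosing function begins and ends outside both hunks.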