From 0c0895f9a00b2f98e5119ec655a75bb3bd366db4 Mon Sep 17 00:00:00 2001
From: "Rustem Gimadutdinov (rgimad)"
Date: Thu, 22 Apr 2021 20:56:05 +0000
Subject: [PATCH] fixed vulnerability (kernel memory rewrite) in sysfn 30.2 and 30.5

git-svn-id: svn://kolibrios.org@8676 a494cfbc-eb01-0410-851d-a64ba20cac60
---
 kernel/trunk/fs/fs_lfn.inc | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/kernel/trunk/fs/fs_lfn.inc b/kernel/trunk/fs/fs_lfn.inc
index b6c7d00d01..a866c7d351 100644
--- a/kernel/trunk/fs/fs_lfn.inc
+++ b/kernel/trunk/fs/fs_lfn.inc
@@ -458,6 +458,14 @@ sys_current_directory: ; sysfunction 30
 .get: ; in: ecx -> buffer, edx = length, eax = encoding
+ stdcall is_region_userspace, ecx, edx
+ jnz @f
+
+ ; if illegal buffer given
+ xor edx, edx
+ jmp .ret
+@@:
+
 mov esi, edi
 inc esi
 mov edi, ecx
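Review bot: The new guard at `.get` hinges on the flag and register contract of `is_region_userspace`, which is not visible in this hunk: `jnz @f` treats ZF=0 as "buffer lies entirely in user space", and the code after `@@:` still expects `eax` (the encoding) and `edi` to be intact after the `stdcall`. If the helper uses the opposite polarity or clobbers `eax`, the check either rejects every valid buffer or lets a kernel address through, so I would state the contract at the call site, e.g. `; is_region_userspace: ZF=0 if [ecx, ecx+edx) is user memory; preserves all registers`, once it has been confirmed against the helper's definition. It is also worth confirming that the helper rejects a range whose end `ecx+edx` wraps past 4 GiB, since `edx` is caller-controlled at this point. The `.get` body continues past the end of the hunk, so what `.ret` reports to the caller on the rejected path (with `edx` zeroed) cannot be checked from here.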