Burer/kolibrios
1
0
Fork 0
forked from KolibriOS/kolibrios
Code Pull Requests Activity

fixed vulnerability (kernel memory rewrite) in sysfn 30.2 and 30.5

Browse Source 
git-svn-id: svn://kolibrios.org@8676 a494cfbc-eb01-0410-851d-a64ba20cac60
This commit is contained in:
Rustem Gimadutdinov (rgimad) 2021-04-22 20:56:05 +00:00
parent c7a8498e42
commit 0c0895f9a0
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
kernel/trunk/fs/fs_lfn.inc
View File

@ -458,6 +458,14 @@ sys_current_directory: ; sysfunction 30
.get: .get:
; in: ecx -> buffer, edx = length, eax = encoding ; in: ecx -> buffer, edx = length, eax = encoding
stdcall is_region_userspace, ecx, edx
jnz @f
; if illegal buffer given
xor edx, edx
jmp .ret
@@:
mov esi, edi mov esi, edi
inc esi inc esi
mov edi, ecx mov edi, ecx