[KERNEL] fixed vulnerability (execution of user code in kernel mode) in sysfn 77.10 and sysfn 77.11

git-svn-id: svn://kolibrios.org@9884 a494cfbc-eb01-0410-851d-a64ba20cac60
This commit is contained in:
Doczom 2022-10-25 18:20:48 +00:00
parent 19cab98b13
commit b2734e40fd

View File

@ -83,6 +83,9 @@ sys_read:
mov edi, [current_process] mov edi, [current_process]
mov ebp, [edi + PROC.htab + ecx*4] mov ebp, [edi + PROC.htab + ecx*4]
stdcall is_region_userspace, ebp, 4
jz .fail
cmp [ebp + FILED.magic], 'PIPE' cmp [ebp + FILED.magic], 'PIPE'
jne .fail jne .fail
cmp [ebp + FILED.handle], ecx cmp [ebp + FILED.handle], ecx
@ -113,6 +116,9 @@ sys_write:
mov edi, [current_process] mov edi, [current_process]
mov ebp, [edi + PROC.htab+ecx*4] mov ebp, [edi + PROC.htab+ecx*4]
stdcall is_region_userspace, ebp, 4
jz .fail
cmp [ebp + FILED.magic], 'PIPE' cmp [ebp + FILED.magic], 'PIPE'
jne .fail jne .fail
cmp [ebp + FILED.handle], ecx cmp [ebp + FILED.handle], ecx