From b2734e40fde6506c341bb4a7c6293e4e0c39f889 Mon Sep 17 00:00:00 2001
From: Doczom <Doczom@kolibrios.org>
Date: Tue, 25 Oct 2022 18:20:48 +0000
Subject: [PATCH] [KERNEL] fixed vulnerability (execution of user code in
 kernel mode) in sysfn 77.10 and sysfn 77.11

git-svn-id: svn://kolibrios.org@9884 a494cfbc-eb01-0410-851d-a64ba20cac60
---
 kernel/trunk/posix/posix.inc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/kernel/trunk/posix/posix.inc b/kernel/trunk/posix/posix.inc
index 9ef0ba5b7c..e4bd6c8aa4 100644
--- a/kernel/trunk/posix/posix.inc
+++ b/kernel/trunk/posix/posix.inc
@@ -83,6 +83,9 @@ sys_read:
         mov     edi, [current_process]
         mov     ebp, [edi + PROC.htab + ecx*4]
 
+        stdcall is_region_userspace, ebp, 4
+        jz      .fail
+
         cmp     [ebp + FILED.magic], 'PIPE'
         jne     .fail
         cmp     [ebp + FILED.handle], ecx
@@ -113,6 +116,9 @@ sys_write:
         mov     edi, [current_process]
         mov     ebp, [edi + PROC.htab+ecx*4]
 
+        stdcall is_region_userspace, ebp, 4
+        jz      .fail
+
         cmp     [ebp + FILED.magic], 'PIPE'
         jne     .fail
         cmp     [ebp + FILED.handle], ecx