SysFn 26.2 security fix: now apps cannot destroy kernel memory via passing illegal address to this sysfn

git-svn-id: svn://kolibrios.org@8158 a494cfbc-eb01-0410-851d-a64ba20cac60
This commit is contained in:
Rustem Gimadutdinov (rgimad) 2020-11-06 23:15:44 +00:00
parent c369f06816
commit 160a8c789a

View File

@ -1746,6 +1746,9 @@ sys_getsetup:
dec ecx
jnz .shift
cmp ebx, 0x7FFFFFFF ; if given memory address belongs to kernel then error
ja .addr_error
mov eax, keymap
mov ecx, 128
call memmove
@ -1756,6 +1759,9 @@ sys_getsetup:
dec ecx
jnz .alt
cmp ebx, 0x7FFFFFFF
ja .addr_error
mov eax, keymap_shift
mov ecx, 128
call memmove
@ -1766,6 +1772,9 @@ sys_getsetup:
dec ecx
jne .country
cmp ebx, 0x7FFFFFFF
ja .addr_error
mov eax, keymap_alt
mov ecx, 128
call memmove
@ -1779,6 +1788,10 @@ sys_getsetup:
movzx eax, word [keyboard]
mov [esp+32], eax
ret
.addr_error: ; if given memory address is illegal
mov eax, -1
ret
;--------------------------------------
@@:
; F.26.5 - get system language