fixed vulnerability (reading kernel memory from userspace) in sysfn25

git-svn-id: svn://kolibrios.org@8675 a494cfbc-eb01-0410-851d-a64ba20cac60
2021-04-22 19:59:52 +00:00 · 2021-04-22 19:59:52 +00:00 · c7a8498e42
commit c7a8498e42
parent 994d28964c
1 changed files with 9 additions and 0 deletions
--- a/kernel/trunk/kernel.asm
+++ b/kernel/trunk/kernel.asm
@ -5420,6 +5420,14 @@ syscall_putarea_backgr:
        mov     esi, ecx
 ; ecx - size x, edx - size y
        mov     ebp, edx
+        
+        lea     ebp, [ebp*4]
+        imul    ebp, esi
+        stdcall is_region_userspace, edi, ebp
+        jz      .exit
+ 
+        mov     ebp, edx
+
        dec     ebp
        shl     ebp, 2

@ -5477,6 +5485,7 @@ align 4
        dec     edx
        jnz     .start_y

+.exit:
        popad
        ret
 ;-----------------------------------------------------------------------------