mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-04-26 22:38:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Kernel: Utilize AK::Userspace<T> in the ioctl interface

Browse source 
It's easy to forget the responsibility of validating and safely copying
kernel parameters in code that is far away from syscalls. ioctl's are
one such example, and bugs there are just as dangerous as at the root
syscall level.

To avoid this case, utilize the AK::Userspace<T> template in the ioctl
kernel interface so that implementors have no choice but to properly
validate and copy ioctl pointer arguments.
This commit is contained in:
Brian Gianforcaro 2021-07-26 02:47:00 -07:00 committed by Ali Mohammad Pur
parent 0bb3d83a48
commit 9a04f53a0f
Notes: sideshowbarker 2024-07-18 08:17:47 +09:00
16 changed files with 99 additions and 93 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Kernel/FileSystem/InodeFile.cpp
View file

@ -62,7 +62,7 @@ KResultOr<size_t> InodeFile::write(FileDescription& description, u64 offset, con
return nwritten;
}
int InodeFile::ioctl(FileDescription& description, unsigned request, FlatPtr arg)
int InodeFile::ioctl(FileDescription& description, unsigned request, Userspace<void*> arg)
{
(void)description;
@ -71,8 +71,9 @@ int InodeFile::ioctl(FileDescription& description, unsigned request, FlatPtr arg
if (!Process::current()->is_superuser())
return -EPERM;
auto user_block_number = static_ptr_cast<int*>(arg);
int block_number = 0;
if (!copy_from_user(&block_number, (int*)arg))
if (!copy_from_user(&block_number, user_block_number))
return -EFAULT;
if (block_number < 0)
@ -82,7 +83,7 @@ int InodeFile::ioctl(FileDescription& description, unsigned request, FlatPtr arg
if (block_address.is_error())
return block_address.error();
if (!copy_to_user((int*)arg, &block_address.value()))
if (!copy_to_user(user_block_number, &block_address.value()))
return -EFAULT;
return 0;