LibSymbolication: Fix integer overflow when calculating region addresses

Author: https://github.com/gunnarbeutner Commit: https://github.com/SerenityOS/serenity/commit/e3d2ca6bd20 Pull-request: https://github.com/SerenityOS/serenity/pull/8962
2025-04-21 20:15:17 +00:00 · 2021-07-27 08:29:42 +02:00 · 2021-07-27 08:29:42 +02:00 · e3d2ca6bd2 · 2024-07-18 08:03:29 +09:00
commit e3d2ca6bd2
parent b10a86d463
1 changed files with 7 additions and 1 deletions
--- a/Userland/Libraries/LibSymbolication/Symbolication.cpp
+++ b/Userland/Libraries/LibSymbolication/Symbolication.cpp
@ -4,6 +4,7 @@
 * SPDX-License-Identifier: BSD-2-Clause
 */

+#include <AK/Checked.h>
 #include <AK/JsonArray.h>
 #include <AK/JsonObject.h>
 #include <AK/JsonValue.h>
@ -192,7 +193,12 @@ Vector<Symbol> symbolicate_thread(pid_t pid, pid_t tid)
    for (auto address : stack) {
        const RegionWithSymbols* found_region = nullptr;
        for (auto& region : regions) {
-            if (address >= region.base && address < (region.base + region.size)) {
+            FlatPtr region_end;
+            if (Checked<FlatPtr>::addition_would_overflow(region.base, region.size))
+                region_end = NumericLimits<FlatPtr>::max();
+            else
+                region_end = region.base + region.size;
+            if (address >= region.base && address < region_end) {
                found_region = &region;
                break;
            }