fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2026-02-21 15:14:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Kernel: Clear the region lookup cache on exec()

Browse Source 
Each process has a 1-level lookup cache for fast repeated lookups of
the same VM region (which tends to be the majority of lookups.)
The cache is used by the following syscalls: munmap, madvise, mprotect
and set_mmap_name.

After a succesful exec(), there could be a stale Region* in the lookup
cache, and the new executable was able to manipulate it using a number
of use-after-free code paths.
This commit is contained in:
Andreas Kling
2020-02-24 12:31:14 +01:00
parent 5ce6215af7
commit 79576f9280
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Kernel/Process.cpp
View File

@@ -952,6 +952,8 @@ int Process::do_exec(NonnullRefPtr<FileDescription> main_program_description, Ve
m_futex_queues.clear();
m_region_lookup_cache = {};
disown_all_shared_buffers();
for (int i = 0; i < m_fds.size(); ++i) {