fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2025-12-27 11:48:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Kernel: Fully validate pointers when walking stack during profiling

Browse Source 
It's not enough to just check that things wouldn't page fault, we also
need to verify that addresses are accessible to the profiled thread.
This commit is contained in:
Andreas Kling
2020-02-22 09:56:22 +01:00
parent f020081a38
commit 94652fd2fb
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Kernel/Thread.cpp
View File

@@ -813,7 +813,7 @@ Vector<uintptr_t> Thread::raw_backtrace(uintptr_t ebp) const
ProcessPagingScope paging_scope(process);
Vector<uintptr_t, Profiling::max_stack_frame_count> backtrace;
backtrace.append(ebp);
for (uintptr_t* stack_ptr = (uintptr_t*)ebp; MM.can_read_without_faulting(process, VirtualAddress(stack_ptr), sizeof(uintptr_t) * 2); stack_ptr = (uintptr_t*)*stack_ptr) {
for (uintptr_t* stack_ptr = (uintptr_t*)ebp; process.validate_read_from_kernel(VirtualAddress(stack_ptr), sizeof(uintptr_t) * 2) && MM.can_read_without_faulting(process, VirtualAddress(stack_ptr), sizeof(uintptr_t) * 2); stack_ptr = (uintptr_t*)*stack_ptr) {
uintptr_t retaddr = stack_ptr[1];
backtrace.append(retaddr);
if (backtrace.size() == Profiling::max_stack_frame_count)