fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2026-01-07 17:15:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
fbb85f9b2f1aaa68407590a94ce046fa0c2271ad
ladybird/Kernel
History
Ben Wiederhake fbb85f9b2f Kernel: Refuse excessively long iovec list, also in readv 
This bug is a good example why copy-paste code should eventually be eliminated
from the code base: Apparently the code was copied from read.cpp before
c6027ed7cc, so the same bug got introduced here.

To recap: A malicious program can ask the Kernel to prepare sys-ing to
a huge amount of iovecs. The Kernel must first copy all the vector locations
into 'vecs', and before that allocates an arbitrary amount of memory:
    vecs.resize(iov_count);
This can cause Kernel memory exhaustion, triggered by any malicious userland
program.
2021-02-15 22:09:01 +01:00
..
ACPI
Everywhere: Replace dbgln<flag>(...) with dbgln_if(flag, ...)
2021-02-08 18:08:55 +01:00
API
Kernel: Handle 'Menu' key on PS/2 keyboard
2021-02-15 19:37:14 +01:00
Arch
Kernel: Mark a handful of things in CPU.cpp as READONLY_AFTER_INIT
2021-02-14 18:12:00 +01:00
Devices
Kernel: Handle 'Menu' key on PS/2 keyboard
2021-02-15 19:37:14 +01:00
FileSystem
Kernel: Add WaitQueue::wait_forever and it use it for all infinite waits.
2021-02-15 08:28:57 +01:00
Heap
Kernel: Mark a handful of things in kmalloc.cpp as READONLY_AFTER_INIT
2021-02-14 18:12:00 +01:00
Interrupts
Kernel: Avoid some un-necessary copies coming from range based for loops
2021-02-15 15:25:23 +01:00
Modules
Net
Kernel+LibC: Stub out SO_{SND_RCV}BUF
2021-02-15 17:32:56 +01:00
PCI
Kernel: Assert if rounding-up-to-page-size would wrap around to 0
2021-02-14 10:01:50 +01:00
Storage
Kernel: Assert if rounding-up-to-page-size would wrap around to 0
2021-02-14 10:01:50 +01:00
Syscalls
Kernel: Refuse excessively long iovec list, also in readv
2021-02-15 22:09:01 +01:00
Tasks
Kernel: Ignore unobserved BlockResult from Thread::Sleep
2021-02-15 08:28:57 +01:00
Time
Everywhere: Replace dbgln<flag>(...) with dbgln_if(flag, ...)
2021-02-08 18:08:55 +01:00
TTY
Everywhere: Replace dbgln<flag>(...) with dbgln_if(flag, ...)
2021-02-08 18:08:55 +01:00
VM
Kernel: Avoid some un-necessary copies coming from range based for loops
2021-02-15 15:25:23 +01:00
.gitignore
Meta: Expect sync-local.sh script at repository root
2021-01-30 09:18:46 +01:00
AddressSanitizer.cpp
Kernel: Initial integration of Kernel Address Sanitizer (KASAN)
2021-02-15 11:41:53 +01:00
AddressSanitizer.h
Kernel: Initial integration of Kernel Address Sanitizer (KASAN)
2021-02-15 11:41:53 +01:00
Assertions.h
Everywhere: Switch from (void) to [[maybe_unused]] (#4473)
2020-12-21 00:09:48 +01:00
CMakeLists.txt
Meta: Make it possible to (somewhat) build the system inside Serenity
2021-02-15 17:32:56 +01:00
CMOS.cpp
CMOS.h
CommandLine.cpp
CommandLine.h
Console.cpp
Kernel+LibC: Turn errno codes into a strongly typed enum
2021-01-20 23:20:02 +01:00
Console.h
Kernel: Make device generate their own names
2021-01-22 22:17:39 +01:00
CoreDump.cpp
Kernel: Reorganize ptrace implementation a bit
2021-02-08 19:34:41 +01:00
CoreDump.h
Kernel: Embed a Metadata notes entry in coredumps
2020-12-30 16:28:27 +01:00
Debug.h.in
Kernel: Add NE2000 network card driver
2021-02-05 09:35:02 +01:00
DMI.cpp
Kernel: Set file size for smbios_entry_point and DMI blobs in ProcFS
2021-02-01 17:13:23 +01:00
DMI.h
Kernel: Set file size for smbios_entry_point and DMI blobs in ProcFS
2021-02-01 17:13:23 +01:00
DoubleBuffer.cpp
Kernel: Merge PurgeableVMObject into AnonymousVMObject
2021-01-01 23:43:44 +01:00
DoubleBuffer.h
Forward.h
Kernel: Factor address space management out of the Process class
2021-02-08 18:27:28 +01:00
FutexQueue.cpp
Everywhere: Replace dbgln<flag>(...) with dbgln_if(flag, ...)
2021-02-08 18:08:55 +01:00
FutexQueue.h
Kernel: Some futex improvements
2021-01-17 20:30:31 +01:00
init.cpp
Kernel: Mark a handful of things in init.cpp as READONLY_AFTER_INIT
2021-02-14 18:12:00 +01:00
IO.h
Kernel: Convert a bunch of String::format() => String::formatted()
2021-01-11 22:07:01 +01:00
KBuffer.h
Kernel: Mark KBuffer and its getters as [[nodiscard]]
2021-02-15 09:34:52 +01:00
KBufferBuilder.cpp
Kernel: Assert if rounding-up-to-page-size would wrap around to 0
2021-02-14 10:01:50 +01:00
KBufferBuilder.h
Kernel: Convert all *Builder::appendf() => appendff()
2021-02-09 19:18:13 +01:00
kprintf.cpp
Everywhere: Replace a bundle of dbg with dbgln.
2021-01-09 21:11:09 +01:00
KResult.h
Kernel: Mark KResult getters as [[nodiscard]]
2021-02-15 09:34:52 +01:00
kstdio.h
LibC: Enable compiler warnings for printf format strings
2020-12-26 10:05:50 +01:00
KSyms.cpp
Everywhere: Remove some bitrotted "#if 0" blocks
2021-02-03 11:17:47 +01:00
KSyms.h
linker.ld
Kernel: Add mechanism to make some memory read-only after init finishes
2021-02-14 18:11:32 +01:00
Lock.cpp
Kernel: Add WaitQueue::wait_forever and it use it for all infinite waits.
2021-02-15 08:28:57 +01:00
Lock.h
Kernel: Mark Lock getters as [[nodiscard]]
2021-02-15 09:34:52 +01:00
LockMode.h
mkmap.sh
Module.h
Multiboot.h
Kernel: Parse boot modules from Multiboot specification
2021-01-22 22:17:39 +01:00
Panic.cpp
Kernel: Add a PANIC() function
2021-02-14 09:36:58 +01:00
Panic.h
Kernel: Add a PANIC() function
2021-02-14 09:36:58 +01:00
PerformanceEventBuffer.cpp
Kernel: Factor address space management out of the Process class
2021-02-08 18:27:28 +01:00
PerformanceEventBuffer.h
Kernel: Prune uninteresting kernel frames from profiling samples
2021-01-17 14:36:53 +01:00
PhysicalAddress.h
Kernel: Mark PhysicalAddress/VirtualAddress getters as [[nodiscard]]
2021-02-15 09:34:52 +01:00
Process.cpp
Kernel: Mark a handful of things in Process.cpp READONLY_AFTER_INIT
2021-02-14 18:12:00 +01:00
Process.h
Kernel+LibC: Implement readv
2021-02-15 17:32:56 +01:00
ProcessGroup.cpp
ProcessGroup.h
Random.cpp
Kernel: Add WaitQueue::wait_forever and it use it for all infinite waits.
2021-02-15 08:28:57 +01:00
Random.h
Kernel: Don't left-shift 1 (signed) 31 times
2021-02-05 21:28:06 +01:00
RTC.cpp
Kernel: Don't assert if RTC believes we're in the past
2021-02-11 20:58:39 +01:00
RTC.h
Scheduler.cpp
Kernel: Mark a handful of things in Scheduler.cpp READONLY_AFTER_INIT
2021-02-14 18:12:00 +01:00
Scheduler.h
Kernel: Remove ancient unused Scheduler::beep() declaration
2021-02-07 20:45:09 +01:00
SpinLock.h
Kernel: Tag more methods and types as [[nodiscard]]
2020-12-27 11:09:30 +01:00
StdLib.cpp
Kernel: Do not try to print the string that cannot be read
2021-02-13 00:40:31 +01:00
StdLib.h
Kernel: Mark more StdLib functions as [[nodiscard]]
2021-02-15 09:34:52 +01:00
Syscall.cpp
Kernel: Fix TOCTOU in syscall entry region validation
2021-02-14 11:47:14 +01:00
Thread.cpp
Kernel: Mark a handful of things in Thread.cpp READONLY_AFTER_INIT
2021-02-14 18:12:00 +01:00
Thread.h
Kernel: Mark BlockResult as [[nodiscard]]
2021-02-15 08:28:57 +01:00
ThreadBlockers.cpp
Everywhere: Replace dbgln<flag>(...) with dbgln_if(flag, ...)
2021-02-08 18:08:55 +01:00
ThreadTracer.cpp
Kernel: Reorganize ptrace implementation a bit
2021-02-08 19:34:41 +01:00
ThreadTracer.h
TimerQueue.cpp
Kernel: Improve time keeping and dramatically reduce interrupt load
2020-12-21 18:26:12 +01:00
TimerQueue.h
Kernel: Specify default memory order for some non-synchronizing Atomics
2021-01-04 19:13:52 +01:00
UBSanitizer.cpp
KUBSAN: Add nearly all missing -fsanitize handlers (#5254)
2021-02-11 20:58:01 +01:00
UBSanitizer.h
KUBSAN: Add nearly all missing -fsanitize handlers (#5254)
2021-02-11 20:58:01 +01:00
UnixTypes.h
Kernel+LibC: Add the _SC_GETPW_R_SIZE_MAX sysconf enum
2021-02-15 17:32:56 +01:00
UnveilNode.h
Kernel: Allow 'elevating' unveil permissions if implicitly inherited from '/'
2020-12-26 16:10:04 +01:00
UserOrKernelBuffer.cpp
UserOrKernelBuffer.h
Kernel: Mark UserOrKernelBuffer and it's getters as [[nodicard]]
2021-02-15 09:34:52 +01:00
VirtualAddress.h
Kernel: Mark PhysicalAddress/VirtualAddress getters as [[nodiscard]]
2021-02-15 09:34:52 +01:00
WaitQueue.cpp
Everywhere: Replace dbgln<flag>(...) with dbgln_if(flag, ...)
2021-02-08 18:08:55 +01:00
WaitQueue.h
Kernel: Add WaitQueue::wait_forever and it use it for all infinite waits.
2021-02-15 08:28:57 +01:00