Kernel: Don't ignore validation result in ptrace(PT_PEEK)

Also mark all of the address validation functions [[nodiscard]] to turn this kind of bug into a compile error in the future.
fleximus · Apr 13, 2020 · c8edcf1 · c8edcf1
1 parent e432a27
commit c8edcf1
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 11 deletions.
diff --git a/Kernel/Process.h b/Kernel/Process.h
@@ -326,14 +326,14 @@ class Process : public InlineLinkedListNode<Process> {
  u32 m_ticks_in_user_for_dead_children { 0 };
  u32 m_ticks_in_kernel_for_dead_children { 0 };
 
- bool validate_read_from_kernel(VirtualAddress, size_t) const;
+ [[nodiscard]] bool validate_read_from_kernel(VirtualAddress, size_t) const;
 
- bool validate_read(const void*, size_t) const;
- bool validate_write(void*, size_t) const;
+ [[nodiscard]] bool validate_read(const void*, size_t) const;
+ [[nodiscard]] bool validate_write(void*, size_t) const;
  template<typename T>
- bool validate_read_typed(T* value, size_t count = 1) { return validate_read(value, sizeof(T) * count); }
+ [[nodiscard]] bool validate_read_typed(T* value, size_t count = 1) { return validate_read(value, sizeof(T) * count); }
  template<typename T>
- bool validate_read_and_copy_typed(T* dest, const T* src)
+ [[nodiscard]] bool validate_read_and_copy_typed(T* dest, const T* src)
  {
  bool validated = validate_read_typed(src);
  if (validated) {
@@ -342,14 +342,14 @@ class Process : public InlineLinkedListNode<Process> {
  return validated;
  }
  template<typename T>
- bool validate_write_typed(T* value, size_t count = 1) { return validate_write(value, sizeof(T) * count); }
+ [[nodiscard]] bool validate_write_typed(T* value, size_t count = 1) { return validate_write(value, sizeof(T) * count); }
  template<typename DataType, typename SizeType>
- bool validate(const Syscall::MutableBufferArgument<DataType, SizeType>&);
+ [[nodiscard]] bool validate(const Syscall::MutableBufferArgument<DataType, SizeType>&);
  template<typename DataType, typename SizeType>
- bool validate(const Syscall::ImmutableBufferArgument<DataType, SizeType>&);
+ [[nodiscard]] bool validate(const Syscall::ImmutableBufferArgument<DataType, SizeType>&);
 
- String validate_and_copy_string_from_user(const char*, size_t) const;
- String validate_and_copy_string_from_user(const Syscall::StringArgument&) const;
+ [[nodiscard]] String validate_and_copy_string_from_user(const char*, size_t) const;
+ [[nodiscard]] String validate_and_copy_string_from_user(const Syscall::StringArgument&) const;
 
  Custody& current_directory();
  Custody* executable() { return m_executable.ptr(); }

diff --git a/Kernel/Ptrace.cpp b/Kernel/Ptrace.cpp
@@ -113,7 +113,8 @@ KResultOr<u32> handle_syscall(const Kernel::Syscall::SC_ptrace_params& params, P
  auto result = peer->process().peek_user_data(peek_params.address);
  if (result.is_error())
  return -EFAULT;
- peer->process().validate_write(peek_params.out_data, sizeof(u32));
+ if (!peer->process().validate_write(peek_params.out_data, sizeof(u32)))
+ return -EFAULT;
  copy_from_user(peek_params.out_data, &result.value());
  break;
  }