kernel: Make sure argument vectors passed to execve() are not too big

2023-05-04 16:36:24 +02:00 · 2023-05-04 16:36:24 +02:00 · 44e4ca804a
commit 44e4ca804a
parent 3eb78aa5f3
2 changed files with 29 additions and 4 deletions
--- a/kernel/src/sys/exec.cpp
+++ b/kernel/src/sys/exec.cpp
@ -31,15 +31,36 @@ static Result<Vector<String>> copy_string_vector_from_userspace(u64 address)
    return result;
 }

+static u64 calculate_userspace_stack_size(const Vector<String>& v)
+{
+    u64 total { 0 };
+
+    for (const auto& str : v)
+    {
+        // The string's byte count + a terminating NUL byte.
+        total += str.length() + 1;
+        // The pointer to said string in the userspace array.
+        total += sizeof(char*);
+    }
+
+    // The NULL pointer at the end of the userspace array.
+    total += sizeof(char*);
+
+    return total;
+}
+
+static constexpr usize MAX_ARGV_STACK_SIZE = 2 * ARCH_PAGE_SIZE;
+
 Result<u64> sys_execve(Registers* regs, SyscallArgs args)
 {
    auto path = TRY(MemoryManager::strdup_from_user(args[0]));
    auto argv = TRY(copy_string_vector_from_userspace(args[1]));
    auto envp = TRY(copy_string_vector_from_userspace(args[2]));

-    auto current = Scheduler::current();
+    if ((calculate_userspace_stack_size(argv) + calculate_userspace_stack_size(envp)) > MAX_ARGV_STACK_SIZE)
+        return err(E2BIG);

-    // FIXME: Make sure argv & envp are not too big.
+    auto current = Scheduler::current();

    auto inode = TRY(VFS::resolve_path(path.chars(), current->auth, current->current_directory));

--- a/kernel/src/thread/ThreadImage.cpp
+++ b/kernel/src/thread/ThreadImage.cpp
@ -3,11 +3,15 @@
 #include "thread/Thread.h"
 #include <luna/CString.h>

+static constexpr usize DEFAULT_USER_STACK_PAGES = 6;
+static constexpr usize DEFAULT_USER_STACK_SIZE = DEFAULT_USER_STACK_PAGES * ARCH_PAGE_SIZE;
+
 static Result<void> create_stacks(Stack& user_stack, Stack& kernel_stack)
 {
    const u64 THREAD_STACK_BASE = 0x10000;

-    TRY(MemoryManager::alloc_at_zeroed(THREAD_STACK_BASE, 4, MMU::ReadWrite | MMU::NoExecute | MMU::User));
+    TRY(MemoryManager::alloc_at_zeroed(THREAD_STACK_BASE, DEFAULT_USER_STACK_PAGES,
+                                       MMU::ReadWrite | MMU::NoExecute | MMU::User));

    auto guard = make_scope_guard([&] { MemoryManager::unmap_owned(THREAD_STACK_BASE, 4); });

@ -15,7 +19,7 @@ static Result<void> create_stacks(Stack& user_stack, Stack& kernel_stack)

    guard.deactivate();

-    user_stack = { THREAD_STACK_BASE, 4 * ARCH_PAGE_SIZE };
+    user_stack = { THREAD_STACK_BASE, DEFAULT_USER_STACK_SIZE };
    kernel_stack = { kernel_stack_base, 4 * ARCH_PAGE_SIZE };

    return {};