Fix an integer overflow issue (#871)

* provide a validity check to protect against integer overflow conditions

* fix some style issues.

* provide a validity check in the malloc() function to protect against integer overflow conditions

* missing Ntintsafe.h

* use tabs for indentation
Quang Nguyễn
2017-03-20 19:13:14 +07:00
committed by Nguyen Anh Quynh
parent 5be7444c09
commit 85f4b8f7d9


@ -5,6 +5,7 @@
#include "libc.h"
#include <memory>
#include <Ntintsafe.h>
#pragma warning(push)
#pragma warning (disable : 4565)
@ -33,10 +34,17 @@ __cdecl malloc(
__in size_t size
)
{
/* A specially crafted size value can trigger the overflow.
If the sum in a value that overflows or underflows the capacity of the type,
the function returns nullptr. */
size_t number_of_bytes = 0;
if (!NT_SUCCESS(RtlSizeTAdd(size, sizeof(MEMBLOCK), &number_of_bytes))){
return nullptr;
}
MEMBLOCK *pBlock = static_cast<MEMBLOCK*>(
ExAllocatePoolWithTag(
NonPagedPoolNxCacheAligned,
size + sizeof(MEMBLOCK),
number_of_bytes,
_LIBC_POOL_TAG));
if (nullptr == pBlock)