From 91cc452e90f97c60f0dfa11cbfa4ca1d8d1d52cf Mon Sep 17 00:00:00 2001
From: Augustin Cavalier
Date: Sat, 19 Oct 2019 12:42:32 -0400
Subject: [PATCH] kernel/fs: Add missing IS_USER_ADDRESS check in user_vector_io.

This reinstates commit 2b5ebfcfd578f177968c5b923e5ccd6eb0195674.

According to the POSIX specification, a NULL iov_base means "do nothing." So we should treat that as such properly, and not consider it an invalid address.

Fixes #15356.
---
 src/system/kernel/fs/fd.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/system/kernel/fs/fd.cpp b/src/system/kernel/fs/fd.cpp
index 837d1d07a0..e7e1dc68cc 100644
--- a/src/system/kernel/fs/fd.cpp
+++ b/src/system/kernel/fs/fd.cpp
@@ -822,6 +822,15 @@ common_user_vector_io(int fd, off_t pos, const iovec* userVecs, size_t count,
 ssize_t bytesTransferred = 0;
 for (uint32 i = 0; i < count; i++) {
+ if (vecs[i].iov_base == NULL)
+ continue;
+ if (!IS_USER_ADDRESS(vecs[i].iov_base)) {
+ status = B_BAD_ADDRESS;
+ if (bytesTransferred == 0)
+ return status;
+ break;
+ }
+
 size_t length = vecs[i].iov_len;
 if (write) {
 status = descriptor->ops->fd_write(descriptor, pos,
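Review bot: The new guard at the top of the loop tests only `vecs[i].iov_base`, so an entry whose base is a valid user address but whose `iov_len` carries the buffer past the end of user space (or wraps around) still reaches `fd_write` with that `length`. Whether the descriptor hooks validate the full range themselves is not visible in this hunk, so the check should cover the whole buffer: also reject the entry when `(addr_t)vecs[i].iov_base + vecs[i].iov_len` overflows or when the last byte of the range fails `IS_USER_ADDRESS`. A one-line comment above the `continue`, such as `// POSIX: a NULL iov_base means "do nothing", so skip the entry instead of failing`, would record why NULL is exempt from the B_BAD_ADDRESS path. The body of common_user_vector_io starts and ends outside this hunk, so how `status` is reported after the `break` cannot be confirmed from here.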