Allocate as much as is later read, didn't do harm though.
Further in the process the flat argument size is rounded up, but the actual allocation was done with the unaligned size, causing an access beyond the allocation when later copying the flat arguments. It didn't do any actual harm as the block sizes of our allocator(s) use elements that have at least such an alignment.
This commit is contained in:
parent
b39f919dbf
commit
e62d9911ea
@ -1378,7 +1378,7 @@ copy_user_process_args(const char* const* userFlatArgs, size_t flatArgsSize,
|
||||
return B_BAD_ADDRESS;
|
||||
|
||||
// allocate kernel memory
|
||||
char** flatArgs = (char**)malloc(flatArgsSize);
|
||||
char** flatArgs = (char**)malloc(_ALIGN(flatArgsSize));
|
||||
if (flatArgs == NULL)
|
||||
return B_NO_MEMORY;
|
||||
|
||||
|
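Review bot: At the malloc(_ALIGN(flatArgsSize)) line, the rounding is applied only inside the allocation call, while the commit message says the size is rounded up again further on before the copy, so the two computations can drift apart if either is changed later. Consider rounding once into a local right here and using that value for both the allocation and the later copy, and extend the "allocate kernel memory" comment to say why the aligned size is needed. Since flatArgsSize is a size_t passed in alongside userFlatArgs, it is also worth confirming that it is bounded before this point so that _ALIGN cannot wrap for values near the maximum; the visible context does not show such a check.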