author | Brian Gianforcaro <bgianf@serenityos.org> | 2021-07-23 09:14:35 -0700 |
---|---|---|
committer | Andreas Kling <kling@serenityos.org> | 2021-07-23 19:02:25 +0200 |
commit | 36ff717c540873fcfc2f32accb9520e96e56b1cd (patch) | |
tree | 3b4f85d9eb6054a896cfbc386891d228978c8f17 /Kernel/Syscalls | |
parent | 8acbe033427fb798df97833bd8da6863657cd2fd (diff) | |
Kernel: Migrate sys$pledge to use the KString API
This avoids potential unhandled OOM that's possible with the old
copy_string_from_user API.
Diffstat (limited to 'Kernel/Syscalls')
-rw-r--r-- | Kernel/Syscalls/pledge.cpp | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/Kernel/Syscalls/pledge.cpp b/Kernel/Syscalls/pledge.cpp
index 07a46e49f8..ecd0a25b7b 100644
--- a/Kernel/Syscalls/pledge.cpp
+++ b/Kernel/Syscalls/pledge.cpp
@@ -19,21 +19,23 @@ KResultOr<FlatPtr> Process::sys$pledge(Userspace<const Syscall::SC_pledge_params
 if (params.promises.length > 1024 || params.execpromises.length > 1024)
 return E2BIG;
 
- String promises;
+ OwnPtr<KString> promises;
 if (params.promises.characters) {
- promises = copy_string_from_user(params.promises);
- if (promises.is_null())
- return EFAULT;
+ auto promises_or_error = try_copy_kstring_from_user(params.promises);
+ if (promises_or_error.is_error())
+ return promises_or_error.error();
+ promises = promises_or_error.release_value();
 }
 
- String execpromises;
+ OwnPtr<KString> execpromises;
 if (params.execpromises.characters) {
- execpromises = copy_string_from_user(params.execpromises);
- if (execpromises.is_null())
- return EFAULT;
+ auto execpromises_or_error = try_copy_kstring_from_user(params.execpromises);
+ if (execpromises_or_error.is_error())
+ return execpromises_or_error.error();
+ execpromises = execpromises_or_error.release_value();
 }
 
- auto parse_pledge = [&](auto& pledge_spec, u32& mask) {
+ auto parse_pledge = [&](auto pledge_spec, u32& mask) {
 auto parts = pledge_spec.split_view(' ');
 for (auto& part : parts) {
 #define __ENUMERATE_PLEDGE_PROMISE(x) \
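Review bot: The `parse_pledge` lambda now takes `auto pledge_spec` by value, so its signature no longer says that a non-owning view is expected; it is only cheap because both call sites in the second hunk pass `promises->view()` and `execpromises->view()`. Naming the type, `auto parse_pledge = [&](StringView pledge_spec, u32& mask) {`, documents that the parser works on a view of the already-copied user string and stops a later caller from handing it an owning string by accident. A one-line comment on the `> 1024` check would also help, for example `// Bound the user-controlled length before try_copy_kstring_from_user allocates.`, since that check appears to be what caps the kernel allocation here. The lambda body continues past the end of the hunk.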
@@ -50,20 +52,19 @@ KResultOr<FlatPtr> Process::sys$pledge(Userspace<const Syscall::SC_pledge_params
 
 ProtectedDataMutationScope scope { *this };
 
- if (!promises.is_null()) {
+ if (promises) {
 u32 new_promises = 0;
- if (!parse_pledge(promises, new_promises))
+ if (!parse_pledge(promises->view(), new_promises))
 return EINVAL;
 if (m_has_promises && (new_promises & ~m_promises))
 return EPERM;
-
 m_has_promises = true;
 m_promises = new_promises;
 }
 
- if (execpromises.is_null()) {
+ if (execpromises) {
 u32 new_execpromises = 0;
- if (!parse_pledge(execpromises, new_execpromises))
+ if (!parse_pledge(execpromises->view(), new_execpromises))
 return EINVAL;
 if (m_has_execpromises && (new_execpromises & ~m_execpromises))
 return EPERM; |
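Review bot: `m_has_promises` and `m_promises` are assigned before `execpromises` has been parsed and checked, so a call whose promises are valid but whose execpromises fail with `EINVAL` or `EPERM` returns an error after the process's promise mask has already changed. Userspace that treats a failed pledge() as a no-op would then be running under a different mask than it believes. Parsing and checking both specs into locals first, and assigning the members only once both have passed, would make the call all-or-nothing. The execpromises assignment lies below the end of this hunk, so its commit step in the sketch is assumed to mirror the promises one.

```cpp
ProtectedDataMutationScope scope { *this };

u32 new_promises = 0;
if (promises) {
    // … unchanged: parse_pledge(promises->view(), …) and the EPERM subset check …
}

u32 new_execpromises = 0;
if (execpromises) {
    // … unchanged: parse_pledge(execpromises->view(), …) and the EPERM subset check …
}

// Both specs validated: apply them together so an error never leaves a half-updated mask.
if (promises) {
    m_has_promises = true;
    m_promises = new_promises;
}
if (execpromises) {
    // … assignments of m_has_execpromises / m_execpromises, currently below this hunk …
}
```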