LibSymbolication: Fix integer overflow when calculating region addresses

1 files changed, 7 insertions, 1 deletions

diff --git a/Userland/Libraries/LibSymbolication/Symbolication.cpp b/Userland/Libraries/LibSymbolication/Symbolication.cpp
index 4199790ecc..745b14fb0c 100644
--- a/Userland/Libraries/LibSymbolication/Symbolication.cpp
+++ b/Userland/Libraries/LibSymbolication/Symbolication.cpp
@@ -4,6 +4,7 @@
  * SPDX-License-Identifier: BSD-2-Clause
  */
 
+#include <AK/Checked.h>
 #include <AK/JsonArray.h>
 #include <AK/JsonObject.h>
 #include <AK/JsonValue.h>
@@ -192,7 +193,12 @@ Vector<Symbol> symbolicate_thread(pid_t pid, pid_t tid)
     for (auto address : stack) {
         const RegionWithSymbols* found_region = nullptr;
         for (auto& region : regions) {
-            if (address >= region.base && address < (region.base + region.size)) {
+            FlatPtr region_end;
+            if (Checked<FlatPtr>::addition_would_overflow(region.base, region.size))
+                region_end = NumericLimits<FlatPtr>::max();
+            else
+                region_end = region.base + region.size;
+            if (address >= region.base && address < region_end) {
                 found_region = &region;
                 break;
             }