Kernel: apply x86 copy overflow check to ARM

Apply the x86 overflow check from git-d09f72c to ARM code as well.
Not just stack traces, but also system services can trigger this
case, possibly as a result of being handed bad pointers by userland,
ending in a kernel panic.

Change-Id: Ib817e8b682fafec8edb486a094319ad11eda7081

diff --git a/minix/kernel/arch/earm/memory.c b/minix/kernel/arch/earm/memory.c
index 5f675cc0a07c945e5d2ede07e049daf7a0a66bdf..d56d42a691b8df00d629702153f86bd2a176e345 100644 (file)
--- a/minix/kernel/arch/earm/memory.c
+++ b/minix/kernel/arch/earm/memory.c
@@ -193,9 +193,13 @@ static int lin_lin_copy(struct proc *srcproc, vir_bytes srclinaddr,
                /* Set up 1MB ranges. */
                srcptr = createpde(srcproc, srclinaddr, &chunk, 0, &changed);
                dstptr = createpde(dstproc, dstlinaddr, &chunk, 1, &changed);
-               if(changed) {
+               if(changed)
                        reload_ttbr0();
-               }
+
+               /* Check for overflow. */
+               if (srcptr + chunk < srcptr) return EFAULT_SRC;
+               if (dstptr + chunk < dstptr) return EFAULT_DST;
+
                /* Copy pages. */
                PHYS_COPY_CATCH(srcptr, dstptr, chunk, addr);