From ebce1719ac0a2a71b64742ecf1c9ec2497a65a55 Mon Sep 17 00:00:00 2001 From: Patrick Venture Date: Wed, 26 Jan 2022 13:25:59 -0800 Subject: linux-user: sigprocmask check read perms first Linux kernel now checks the read permissions before validating `how` Suggested-by: Laurent Vivier Signed-off-by: Patrick Venture Reviewed-by: Laurent Vivier Message-Id: <20220126212559.1936290-3-venture@google.com> [lv: remove unneeded ")"] Signed-off-by: Laurent Vivier --- linux-user/syscall.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'linux-user') diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 9f8b497..84cfa22 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -9435,6 +9435,13 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1, int how; if (arg2) { + p = lock_user(VERIFY_READ, arg2, sizeof(target_sigset_t), 1); + if (!p) { + return -TARGET_EFAULT; + } + target_to_host_old_sigset(&set, p); + unlock_user(p, arg2, 0); + set_ptr = &set; switch (arg1) { case TARGET_SIG_BLOCK: how = SIG_BLOCK; @@ -9448,11 +9455,6 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1, default: return -TARGET_EINVAL; } - if (!(p = lock_user(VERIFY_READ, arg2, sizeof(target_sigset_t), 1))) - return -TARGET_EFAULT; - target_to_host_old_sigset(&set, p); - unlock_user(p, arg2, 0); - set_ptr = &set; } else { how = 0; set_ptr = NULL; -- cgit v1.1