Add bounds check for pteindex / pdeindex

author: emaste <emaste@FreeBSD.org> 2014-02-12 15:57:38 +0000
committer: emaste <emaste@FreeBSD.org> 2014-02-12 15:57:38 +0000
commit: 196c663f8db68c43aacecf1e73eb8241b59deab8 (patch)
tree: 073d03c05f8e278e8c90f2433a01a213eee07d02 /lib/libkvm
parent: 02cb746956a63297f09cf799fffa2fc95119236b (diff)
download: FreeBSD-src-196c663f8db68c43aacecf1e73eb8241b59deab8.zip
FreeBSD-src-196c663f8db68c43aacecf1e73eb8241b59deab8.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/libkvm/kvm_minidump_amd64.c b/lib/libkvm/kvm_minidump_amd64.c
index 8d31673..779fa97 100644
--- a/lib/libkvm/kvm_minidump_amd64.c
+++ b/lib/libkvm/kvm_minidump_amd64.c
@@ -214,6 +214,8 @@ _kvm_minidump_vatop_v1(kvm_t *kd, u_long va, off_t *pa)
 
 	if (va >= vm->hdr.kernbase) {
 		pteindex = (va - vm->hdr.kernbase) >> PAGE_SHIFT;
+		if (pteindex >= vm->hdr.pmapsize / sizeof(*vm->page_map))
+			goto invalid;
 		pte = vm->page_map[pteindex];
 		if (((u_long)pte & PG_V) == 0) {
 			_kvm_err(kd, kd->program, "_kvm_vatop: pte not valid");
@@ -264,6 +266,8 @@ _kvm_minidump_vatop(kvm_t *kd, u_long va, off_t *pa)
 
 	if (va >= vm->hdr.kernbase) {
 		pdeindex = (va - vm->hdr.kernbase) >> PDRSHIFT;
+		if (pdeindex >= vm->hdr.pmapsize / sizeof(*vm->page_map))
+			goto invalid;
 		pde = vm->page_map[pdeindex];
 		if (((u_long)pde & PG_V) == 0) {
 			_kvm_err(kd, kd->program, "_kvm_vatop: pde not valid");
author	emaste <emaste@FreeBSD.org>	2014-02-12 15:57:38 +0000
committer	emaste <emaste@FreeBSD.org>	2014-02-12 15:57:38 +0000
commit	196c663f8db68c43aacecf1e73eb8241b59deab8 (patch)
tree	073d03c05f8e278e8c90f2433a01a213eee07d02 /lib/libkvm
parent	02cb746956a63297f09cf799fffa2fc95119236b (diff)
download	FreeBSD-src-196c663f8db68c43aacecf1e73eb8241b59deab8.zip FreeBSD-src-196c663f8db68c43aacecf1e73eb8241b59deab8.tar.gz