c89fe8a6a3
Our syscall calling convention only allows passing up to 3 arguments in
registers. For syscalls that take more arguments, we bake them into a
struct and pass a pointer to that struct instead.
When doing pointer validation, this is what we would do:
1) Validate the "params" struct
2) Validate "params->some_pointer"
3) ... other stuff ...
4) Use "params->some_pointer"
Since the parameter struct is stored in userspace, it can be modified
by userspace after validation has completed.
This was a recurring pattern in many syscalls that was further hidden
by me using structured binding declarations to give convenient local
names to things in the parameter struct:
auto& [some_pointer, ...] = *params;
memcpy(some_pointer, ...);
This devilishly makes "some_pointer" look like a local variable but
it's actually more like an alias for "params->some_pointer" and will
expand to a dereference when accessed!
This patch fixes the issues by explicitly copying out each member from
the parameter structs before validating them, and then never using
the "param" pointers beyond that.
Thanks to braindead for finding this bug! :^)
|
||
|---|---|---|
| .github | ||
| AK | ||
| Applications | ||
| Base | ||
| Demos | ||
| DevTools | ||
| Documentation | ||
| Games | ||
| Kernel | ||
| Libraries | ||
| MenuApplets | ||
| Meta | ||
| Ports | ||
| Servers | ||
| Shell | ||
| Toolchain | ||
| Userland | ||
| .clang-format | ||
| .gitignore | ||
| .travis.yml | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| INSTALL.md | ||
| LICENSE | ||
| Makefile | ||
| Makefile.common | ||
| Makefile.subdir | ||
| ReadMe.md | ||
SerenityOS
Graphical Unix-like operating system for x86 computers.
About
SerenityOS is a love letter to '90s user interfaces with a custom Unix-like core. It flatters with sincerity by stealing beautiful ideas from various other systems.
Roughly speaking, the goal is a marriage between the aesthetic of late-1990s productivity software and the power-user accessibility of late-2000s *nix. This is a system by me, for me, based on the things I like.
If you like some of the same things, you are welcome to join the project. It would be great to one day change the above to say "this is a system by us, for us, based on the things we like." :^)
I regularly post raw hacking sessions and demos on my YouTube channel.
Sometimes I write about the system on my github.io blog.
I'm also on Patreon and GitHub Sponsors if you would like to show some support that way.
Screenshot
Current features (all under development, some more mature than others)
- Pre-emptive multitasking
- Multithreading
- Compositing window server
- IPv4 networking with ARP, TCP, UDP and ICMP
- ext2 filesystem
- Unix-like libc and userland
- POSIX signals
- Shell with pipes and I/O redirection
- mmap()
- Purgeable memory
- /proc filesystem
- Local sockets
- Pseudoterminals (with /dev/pts filesystem)
- Filesystem notifications
- JSON framework
- Low-level utility library (LibCore)
- Mid-level 2D graphics library (LibDraw)
- High-level GUI library (LibGUI)
- HTML/CSS engine
- Web browser
- C++ IDE
- Sampling profiler with GUI
- Emojis (UTF-8)
- HTTP downloads
- SoundBlaster 16 driver
- Software-mixing sound daemon
- WAV playback
- Simple desktop piano/synthesizer
- Visual GUI design tool
- PNG format support
- Text editor
- IRC client
- Simple painting application
- DNS lookup
- Desktop games: Minesweeper and Snake
- Color theming
- Ports system (needs more packages!)
- Other stuff I can't think of right now...
How do I build and run this?
See the SerenityOS build instructions
Wanna talk?
Come chat with us in #serenityos on the Freenode IRC network.
Author
- Andreas Kling - awesomekling
Contributors
(And many more!) Feel free to append yourself here if you've made some sweet contributions. :)
License
SerenityOS is licensed under a 2-clause BSD license.