klange / toaruos

A completely-from-scratch hobby operating system: bootloader, kernel, drivers, C library, and userspace including a composited graphical UI, dynamic linker, syntax-highlighting text editor, network stack, etc.
https://toaruos.org/
University of Illinois/NCSA Open Source License

Vulnerability in readlink #250

Closed rgimad closed 1 year ago

rgimad commented 1 year ago

From turbocat2001:

It was possible to crash the kernel by specifying a kernel address for the buffer in readlink. Potentially, you can write an exploit (but I'm too lazy). Apparently PTRCHECK(ptr) was missed in sys_readlink. P.S. I just wanted to help the project, but for some reason I was banned :(.
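The class of bug reported above, as an added example that is not part of the issue thread and not ToaruOS code: a user-space model of a readlink-style handler with and without a check on the caller's buffer. The flat `mem` array, the `USER_END` boundary and all function names are hypothetical; the page does not show how `PTRCHECK` is defined.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model: one flat array stands in for the address space.
 * Offsets below USER_END are "user" memory, the rest is "kernel". */
#define MEM_SIZE 128u
#define USER_END 64u
static unsigned char mem[MEM_SIZE];

/* Hypothetical range check: all of [ptr, ptr+len) must be user memory.
 * Written as a subtraction so that ptr + len cannot wrap around. */
static int user_range_ok(uintptr_t ptr, size_t len) {
    return ptr < USER_END && len <= USER_END - ptr;
}

/* Shape of the reported bug: the caller's buffer address is used as-is. */
static long readlink_unchecked(const char *target, uintptr_t buf, size_t len) {
    size_t n = strlen(target);
    if (n > len) n = len;
    /* Bound only to keep this simulation inside its own array. */
    if (buf >= MEM_SIZE || n > MEM_SIZE - buf) return -EFAULT;
    memcpy(&mem[buf], target, n);
    return (long)n;
}

/* Hardened form: reject the call before any byte is written. */
static long readlink_checked(const char *target, uintptr_t buf, size_t len) {
    if (!user_range_ok(buf, len)) return -EFAULT;
    return readlink_unchecked(target, buf, len);
}

/* Returns 1 if any byte of the "kernel" half differs from fill. */
static int kernel_half_modified(unsigned char fill) {
    for (size_t i = USER_END; i < MEM_SIZE; i++)
        if (mem[i] != fill) return 1;
    return 0;
}

static void reset_mem(unsigned char fill) { memset(mem, fill, MEM_SIZE); }

int main(void) {
    reset_mem(0xAA);
    long r = readlink_checked("/bin/sh", 96, 16); /* kernel-half offset */
    return (r == -EFAULT && !kernel_half_modified(0xAA)) ? 0 : 1;
}
```

The check validates the full declared length rather than the bytes actually copied, so a buffer that starts in user memory but straddles the boundary is rejected as well.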

klange commented 1 year ago

I will consider unblocking turbocat2001. The bug report is appreciated.