Fix range checking in safecopy.
This commit is contained in:
parent
8c69c6cd7f
commit
a53514d4a9
1 changed files with 2 additions and 2 deletions
|
@ -147,8 +147,8 @@ endpoint_t *e_granter; /* new granter (magic grants) */
|
||||||
/* Don't fiddle around with grants that wrap, arithmetic
|
/* Don't fiddle around with grants that wrap, arithmetic
|
||||||
* below may be confused.
|
* below may be confused.
|
||||||
*/
|
*/
|
||||||
if(MEM_TOP - g.cp_u.cp_direct.cp_len <
|
if(MEM_TOP - g.cp_u.cp_direct.cp_len + 1 <
|
||||||
g.cp_u.cp_direct.cp_start - 1) {
|
g.cp_u.cp_direct.cp_start) {
|
||||||
printf(
|
printf(
|
||||||
"verify_grant: direct grant verify failed: len too long\n");
|
"verify_grant: direct grant verify failed: len too long\n");
|
||||||
return EPERM;
|
return EPERM;
|
||||||
|
|
Loading…
Reference in a new issue