Kernel: Clear the region lookup cache on exec()
Each process has a 1-level lookup cache for fast repeated lookups of the same VM region (which tends to be the majority of lookups.) The cache is used by the following syscalls: munmap, madvise, mprotect and set_mmap_name. After a successful exec(), there could be a stale Region* in the lookup cache, and the new executable was able to manipulate it using a number of use-after-free code paths.
parent
5ce6215af7
commit
79576f9280
Notes:
sideshowbarker
2024-07-19 09:05:19 +09:00
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/79576f92808
1 changed files with 2 additions and 0 deletions
|
@ -952,6 +952,8 @@ int Process::do_exec(NonnullRefPtr<FileDescription> main_program_description, Ve
|
||||||
|
|
||||||
m_futex_queues.clear();
|
m_futex_queues.clear();
|
||||||
|
|
||||||
|
m_region_lookup_cache = {};
|
||||||
|
|
||||||
disown_all_shared_buffers();
|
disown_all_shared_buffers();
|
||||||
|
|
||||||
for (int i = 0; i < m_fds.size(); ++i) {
|
for (int i = 0; i < m_fds.size(); ++i) {
|
||||||
|
|
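Review bot: The added `m_region_lookup_cache = {};` in Process::do_exec has no comment naming the invariant it protects, so a later reordering of this teardown sequence could silently bring the stale Region* back. I would add a comment above it such as `// The cached Region* refers to the pre-exec address space; reset it so munmap/madvise/mprotect/set_mmap_name cannot reach a freed Region.` The reset also sits between the futex and shared-buffer cleanup rather than next to the code that releases the old regions. That code is presumably earlier in do_exec, whose body starts and ends outside this hunk, and keeping the two together makes the pairing harder to break. Since the cache holds a raw pointer, it is worth confirming that every other path which frees a Region resets the cache as well, ideally through one helper instead of per call site.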