From cd29eb7867c07c8236deb7650fbbb51b5a36e88e Mon Sep 17 00:00:00 2001
From: Brian Gianforcaro <bgianf@serenityos.org>
Date: Thu, 29 Apr 2021 01:11:24 -0700
Subject: [PATCH] Kernel: Harden sys$sendmsg / sys$recvmsg Vector usage against
 OOM.

---
 Kernel/Syscalls/socket.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/Kernel/Syscalls/socket.cpp b/Kernel/Syscalls/socket.cpp
index e858898693a..13ffd8d9f62 100644
--- a/Kernel/Syscalls/socket.cpp
+++ b/Kernel/Syscalls/socket.cpp
@@ -178,7 +178,8 @@ KResultOr<ssize_t> Process::sys$sendmsg(int sockfd, Userspace<const struct msghd
     if (msg.msg_iovlen != 1)
         return ENOTSUP; // FIXME: Support this :)
     Vector<iovec, 1> iovs;
-    iovs.resize(msg.msg_iovlen);
+    if (!iovs.try_resize(msg.msg_iovlen))
+        return ENOMEM;
     if (!copy_n_from_user(iovs.data(), msg.msg_iov, msg.msg_iovlen))
         return EFAULT;
 
@@ -213,7 +214,8 @@ KResultOr<ssize_t> Process::sys$recvmsg(int sockfd, Userspace<struct msghdr*> us
     if (msg.msg_iovlen != 1)
         return ENOTSUP; // FIXME: Support this :)
     Vector<iovec, 1> iovs;
-    iovs.resize(msg.msg_iovlen);
+    if (!iovs.try_resize(msg.msg_iovlen))
+        return ENOMEM;
     if (!copy_n_from_user(iovs.data(), msg.msg_iov, msg.msg_iovlen))
         return EFAULT;