From 972dd5ead02b18dae9eb9e0fa4ce1b8d7fd1f54a Mon Sep 17 00:00:00 2001
From: John Hodge <tpg@mutabah.net>
Date: Wed, 19 Oct 2011 12:30:47 +0800
Subject: [PATCH] Kernel - Fixed error when checking syscall params

---
 Kernel/lib.c      | 4 ++++
 Kernel/syscalls.c | 7 +++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/Kernel/lib.c b/Kernel/lib.c
index 472351cb..4d65108a 100644
--- a/Kernel/lib.c
+++ b/Kernel/lib.c
@@ -854,10 +854,14 @@ int CheckString(const char *String)
 
 /**
  * \brief Check if a sized memory region is valid memory
+ * \return Boolean success
  */
 int CheckMem(const void *Mem, int NumBytes)
 {
 	tVAddr	addr = (tVAddr)Mem;
+
+	if( !MM_GetPhysAddr( addr ) )
+		return 0;
 	
 	if( MM_IsUser( addr ) )
 	{
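Review bot: The new `MM_GetPhysAddr( addr )` test in CheckMem only proves that the page holding the first byte is mapped. Nothing in the visible lines covers the remaining `NumBytes`, so a region that starts on a mapped page and runs into an unmapped one would pass this check unless the code below the hunk walks the whole range (the function body continues outside the hunk). `NumBytes` is a signed `int` and is not range-checked in the lines shown, so I would add `if( NumBytes < 0 ) return 0;` next to the new test. The doc comment could also say what success means, for example `\return Non-zero if the whole region is mapped and usable by the caller, zero otherwise`, if that is the intended contract.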
diff --git a/Kernel/syscalls.c b/Kernel/syscalls.c
index 7de7b15d..9775be39 100644
--- a/Kernel/syscalls.c
+++ b/Kernel/syscalls.c
@@ -156,16 +156,19 @@ void SyscallHandler(tSyscallRegs *Regs)
 				CHECK_NUM_NONULL( &tmp[i], sizeof(char*) );
 				CHECK_STR_NONULL( tmp[i] );
 			}
+			if(ret == -1) break;
 			// Check EnvP also
 			// - EnvP can be NULL
 			if( Regs->Arg3 )
 			{
 				tmp = (char**)Regs->Arg3;
-				//Log("tmp = %p", tmp);
+				CHECK_NUM_NONULL(tmp, sizeof(char**));
+				Log("tmp = %p", tmp);
 				for(i=0;tmp[i];i++) {
-					CHECK_NUM_NULLOK( &tmp[i], sizeof(char*) );
+					CHECK_NUM_NONULL( &tmp[i], sizeof(char*) );
 					CHECK_STR_NONULL( tmp[i] );
 				}
+				if(ret == -1) break;
 			}
 		}
 		LEAVE('s', "Assuming 0");
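Review bot: In the EnvP loop, `for(i=0;tmp[i];i++)` reads `tmp[i]` in the loop condition before `CHECK_NUM_NONULL( &tmp[i], sizeof(char*) )` has validated that slot. The new `CHECK_NUM_NONULL(tmp, sizeof(char**))` covers only element 0, so every later element is dereferenced one iteration ahead of its check. Checking first would close the gap, e.g. `for(i=0;;i++) { CHECK_NUM_NONULL( &tmp[i], sizeof(char*) ); if( !tmp[i] ) break; CHECK_STR_NONULL( tmp[i] ); }`, assuming the macros set `ret` and `break` as the added `if(ret == -1) break;` lines suggest (their definitions are not in the hunk). The ArgV loop above appears to have the same shape, but its header is outside the hunk, as is the rest of SyscallHandler. Separately, the re-enabled `Log("tmp = %p", tmp);` looks like leftover debug output that prints a caller-supplied pointer on every call that passes EnvP, so it should probably stay commented out or be demoted to debug-only output.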
-- 
GitLab