From 08df67eef2eca4a9eb792f1d98cc2d49b094c555 Mon Sep 17 00:00:00 2001
From: Jonas 'Sortie' Termansen <sortie@maxsi.org>
Date: Sun, 19 Jan 2014 18:09:11 +0100
Subject: [PATCH] Fix insecure user-space pointer dereferences in sys_memstat.

---
 sortix/memorymanagement.cpp | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/sortix/memorymanagement.cpp b/sortix/memorymanagement.cpp
index fdd83533..fb83a02f 100644
--- a/sortix/memorymanagement.cpp
+++ b/sortix/memorymanagement.cpp
@@ -50,11 +50,10 @@ static int sys_memstat(size_t* memused, size_t* memtotal)
 	size_t used;
 	size_t total;
 	Statistics(&used, &total);
-	// TODO: Check if legal user-space buffers!
-	if ( memused )
-		*memused = used;
-	if ( memtotal )
-		*memtotal = total;
+	if ( memused && !CopyToUser(memused, &used, sizeof(used)) )
+		return -1;
+	if ( memtotal && !CopyToUser(memtotal, &total, sizeof(used)) )
+		return -1;
 	return 0;
 }