From a0a4030dd3ef572186c802aa7956157174499777 Mon Sep 17 00:00:00 2001
From: Jonas 'Sortie' Termansen
Date: Mon, 25 Apr 2022 23:44:23 +0200
Subject: [PATCH] Fix kernelinfo(2) user-space pointer deference.
---
 kernel/kernelinfo.cpp | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/kernel/kernelinfo.cpp b/kernel/kernelinfo.cpp
index 545da963..db964cbc 100644
--- a/kernel/kernelinfo.cpp
+++ b/kernel/kernelinfo.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2015 Jonas 'Sortie' Termansen.
+ * Copyright (c) 2012, 2015, 2022 Jonas 'Sortie' Termansen.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -45,15 +45,19 @@ static const char* KernelInfo(const char* req)
 return NULL;
 }
-ssize_t sys_kernelinfo(const char* req, char* resp, size_t resplen)
+ssize_t sys_kernelinfo(const char* user_req, char* user_resp, size_t resplen)
 {
+ char* req = GetStringFromUser(user_req);
+ if ( !req )
+ return -1;
 const char* str = KernelInfo(req);
+ delete[] req;
 if ( !str )
 return errno = EINVAL, -1;
 size_t stringlen = strlen(str);
 if ( resplen < stringlen + 1 )
 return errno = ERANGE, (ssize_t) stringlen;
- if ( !CopyToUser(resp, str, sizeof(char) * (stringlen + 1)) )
+ if ( !CopyToUser(user_resp, str, sizeof(char) * (stringlen + 1)) )
 return -1;
 return 0;
 }
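Review bot: In the second hunk, `delete[] req;` runs before `str` is read by `strlen` and `CopyToUser`, which is only safe if `KernelInfo` never returns a pointer into its argument. Its body lies outside the hunk (only `return NULL; }` is visible), so that cannot be confirmed from here. A comment at the free would pin the contract for later edits, e.g. `// KernelInfo() returns static storage, never a pointer into req, so req can be freed here.` Separately, `GetStringFromUser(user_req)` is called with no visible length limit. If that helper does not bound the copy itself, the caller controls the size of a kernel allocation for what should be a short key, so a cap on the request length is worth considering.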