Limit special diagnostics size region to 4KiB.

This fixes out-of-bounds access when trying to write the diagnostics info on platforms where the PAGE_SIZE is larger than the DumpWriter's 16KiB m_tempBuffer.
dotnet · Sep 12, 2023 · 7d3b041 · 7d3b041
1 parent de0ab15
commit 7d3b041
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/src/coreclr/debug/createdump/crashinfo.cpp b/src/coreclr/debug/createdump/crashinfo.cpp
@@ -195,7 +195,7 @@ CrashInfo::GatherCrashInfo(DumpType dumpType)
         return false;
     }
     // Add the special (fake) memory region for the special diagnostics info
-    MemoryRegion special(PF_R, SpecialDiagInfoAddress, SpecialDiagInfoAddress + PAGE_SIZE);
+    MemoryRegion special(PF_R, SpecialDiagInfoAddress, SpecialDiagInfoAddress + SpecialDiagInfoSize);
     m_memoryRegions.insert(special);
 #ifdef __APPLE__
     InitializeOtherMappings();

diff --git a/src/coreclr/debug/createdump/specialdiaginfo.h b/src/coreclr/debug/createdump/specialdiaginfo.h
@@ -24,6 +24,8 @@ const uint64_t SpecialDiagInfoAddress = 0x7fff1000;
 #endif
 #endif
 
+const uint64_t SpecialDiagInfoSize = 0x1000;
+
 struct SpecialDiagInfoHeader
 {
     char Signature[16];
-Original file line number
+Diff line change
@@ Expand Up / @@ -24,6 +24,8 @@ const uint64_t SpecialDiagInfoAddress = 0x7fff1000; @@
     #endif
     #endif
+    const uint64_t SpecialDiagInfoSize = 0x1000;
     struct SpecialDiagInfoHeader
     {
         char Signature[16];
@@ Expand Down @@