From 30ca5564f87667468dfee392f7abf8aec497cb33 Mon Sep 17 00:00:00 2001
From: Joshua Peraza
Date: Mon, 31 Oct 2022 11:37:21 -0700
Subject: [PATCH] Validate number of bytes read

Bug: chromium:1380083
Change-Id: I54a0dfb72b586638124ecc4150f0b90b9e1aa1d5
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3994208
Reviewed-by: Mark Mentovai
Commit-Queue: Joshua Peraza
---
 util/linux/ptrace_client.cc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/util/linux/ptrace_client.cc b/util/linux/ptrace_client.cc
index be5df2a4..c04ca5b4 100644
--- a/util/linux/ptrace_client.cc
+++ b/util/linux/ptrace_client.cc
@@ -331,6 +331,11 @@ ssize_t PtraceClient::ReadUpTo(VMAddress address, size_t size, void* buffer) {
 return total_read;
 }

+ if (static_cast(bytes_read) > size) {
+ LOG(ERROR) << "invalid size " << bytes_read;
+ return -1;
+ }
+
 if (!LoggingReadFileExactly(sock_, buffer_c, bytes_read)) {
 return -1;
 }
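Review bot: The new bounds check returns -1 while the payload announced by the peer is still unread on `sock_`, so a caller that keeps using the same client after this error would presumably parse those leftover bytes as the next reply header. How callers treat -1 is not visible in this hunk, so it is worth confirming that they stop using the connection. A short comment above the check would record why it exists, for example `// bytes_read is reported by the peer; it must not exceed the space left in buffer.` The log line would also be easier to triage with the limit included: `LOG(ERROR) << "invalid size " << bytes_read << ", max " << size;`. The body of ReadUpTo starts and ends outside the hunk, so whether negative values are rejected earlier cannot be checked here.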