From 7d3b041c09aa1d6cf532e64d24b75a7e5bd4d106 Mon Sep 17 00:00:00 2001
From: Tom Deseyn
Date: Tue, 12 Sep 2023 07:43:45 +0200
Subject: [PATCH] Limit special diagnostics size region to 4KiB.

This fixes out-of-bounds access when trying to write the diagnostics info on platforms where the PAGE_SIZE is larger than the DumpWriter's 16KiB m_tempBuffer.
---
 src/coreclr/debug/createdump/crashinfo.cpp | 2 +-
 src/coreclr/debug/createdump/specialdiaginfo.h | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/runtime/src/coreclr/debug/createdump/crashinfo.cpp b/src/runtime/src/coreclr/debug/createdump/crashinfo.cpp
index ef903767ba027..8af6ec4a54f5b 100644
--- a/src/runtime/src/coreclr/debug/createdump/crashinfo.cpp
+++ b/src/runtime/src/coreclr/debug/createdump/crashinfo.cpp
@@ -195,7 +195,7 @@ CrashInfo::GatherCrashInfo(DumpType dumpType)
 return false;
 }
 // Add the special (fake) memory region for the special diagnostics info
- MemoryRegion special(PF_R, SpecialDiagInfoAddress, SpecialDiagInfoAddress + PAGE_SIZE);
+ MemoryRegion special(PF_R, SpecialDiagInfoAddress, SpecialDiagInfoAddress + SpecialDiagInfoSize);
 m_memoryRegions.insert(special);
 #ifdef __APPLE__
 InitializeOtherMappings();
diff --git a/src/runtime/src/coreclr/debug/createdump/specialdiaginfo.h b/src/runtime/src/coreclr/debug/createdump/specialdiaginfo.h
index 3a04a9f551e6d..a857129c9c91f 100644
--- a/src/runtime/src/coreclr/debug/createdump/specialdiaginfo.h
+++ b/src/runtime/src/coreclr/debug/createdump/specialdiaginfo.h
@@ -24,6 +24,8 @@ const uint64_t SpecialDiagInfoAddress = 0x7fff1000;
 #endif
 #endif
 
+const uint64_t SpecialDiagInfoSize = 0x1000;
+
 struct SpecialDiagInfoHeader
 {
 char Signature[16];
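Review bot: The comment above the changed MemoryRegion line still only says that a "special (fake)" region is added and gives no reason for the fixed 4KiB size that replaces PAGE_SIZE, so a later reader is likely to put PAGE_SIZE back; I would extend it to `// Fixed 4KiB (not PAGE_SIZE): the region is copied through DumpWriter's 16KiB temp buffer, which is smaller than a page on some platforms`. The region size and the SpecialDiagInfoHeader layout now live in different files, so a header that grows past 0x1000 bytes would only show up at dump time; a static_assert against sizeof(SpecialDiagInfoHeader) in specialdiaginfo.h would catch that at build time. Shrinking this one region removes the overrun the commit describes but does not add a bounds check where the temp buffer is filled, so any other region larger than 16KiB would presumably reach the same path — worth confirming in DumpWriter, which is not part of this patch. GatherCrashInfo starts and continues outside the hunk.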
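Review bot: The new SpecialDiagInfoSize constant is not tied to the layout it bounds: nothing checks that SpecialDiagInfoHeader (whose definition continues past the hunk) fits in 0x1000 bytes, and a field added to it later would bring back the out-of-bounds write this commit fixes. I would add, after the struct's closing brace, `static_assert(sizeof(SpecialDiagInfoHeader) <= SpecialDiagInfoSize, "special diag info header must fit in SpecialDiagInfoSize");`. A one-line comment on the constant recording the constraint from the commit message, e.g. `// Size of the special diag info region; must stay <= DumpWriter's 16KiB temp buffer regardless of PAGE_SIZE`, and `constexpr` instead of `const` to state that it is a compile-time value, would make the intent explicit. The name "Header" suggests more data may follow the struct in the region, in which case the assert should cover the full written size rather than just the header — I can't see that from this hunk.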