From 8b8dd2ec5ac0fe1620dc7a9ed650c4cda66d69cd Mon Sep 17 00:00:00 2001
From: Ben McAvoy <ben.mcavoy@tutanota.com>
Date: Sun, 12 Apr 2026 04:08:15 +0100
Subject: [PATCH] Use safer copy input buffer function on set user memory
 region

---
 virt/kvm/kvm_main.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 94e8152..6740ced 100755
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -2080,7 +2080,8 @@ NTSTATUS kvm_vm_ioctl(PDEVICE_OBJECT pDevObj, PIRP pIrp,
 		struct kvm_userspace_memory_region kvm_userspace_mem;
 
 		r = -EFAULT;
-		RtlCopyBytes(&kvm_userspace_mem, pIrp->AssociatedIrp.SystemBuffer, sizeof(kvm_userspace_mem));
+		if (aehdCopyInputBuffer(pIrp, 0, &kvm_userspace_mem, sizeof(kvm_userspace_mem)))
+			goto out;
 		r = kvm_vm_ioctl_set_memory_region(kvm, &kvm_userspace_mem);
 		break;
 	}