From aa372c92aceb71796cc4d7c4a51bda1fd44bf45e Mon Sep 17 00:00:00 2001
From: Dmitry Starodubov <dmitry.starodubov@red-soft.ru>
Date: Fri, 24 May 2024 14:21:20 +0300
Subject: [PATCH] Fixed possible buffer overflow on system privileges lookup
 during user mapping (#8126)

---
 src/jrd/Mapping.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/jrd/Mapping.cpp b/src/jrd/Mapping.cpp
index 0d76154fdf..38eb60df61 100644
--- a/src/jrd/Mapping.cpp
+++ b/src/jrd/Mapping.cpp
@@ -1162,7 +1162,11 @@ private:
 					g |= l;
 				}
 
-				ULONG gg = 0; g.store(&gg);
+				FB_UINT64 gg = 0;
+				static_assert(sizeof(gg) >= g.BYTES_COUNT,
+					"The value for storing system privileges is too small");
+
+				g.store(&gg);
 				MAP_DEBUG(fprintf(stderr, "poprole %s 0x%x\n", key.c_str(), gg));
 				put(key, g);
 			}