Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/kern Consistency checks for the length of the interprete...
details: https://anonhg.NetBSD.org/src/rev/6426dd7bd040
branches: trunk
changeset: 325378:6426dd7bd040
user: christos <christos%NetBSD.org@localhost>
date: Sat Dec 21 14:41:02 2013 +0000
description:
Consistency checks for the length of the interpreter (the length includes
the trailing NUL): make sure it is not empty and has the proper length.
>From Maxime Villard
diffstat:
sys/kern/exec_elf.c | 12 ++++++++----
1 files changed, 8 insertions(+), 4 deletions(-)
diffs (37 lines):
diff -r a5ca1fd2ac99 -r 6426dd7bd040 sys/kern/exec_elf.c
--- a/sys/kern/exec_elf.c Sat Dec 21 09:24:11 2013 +0000
+++ b/sys/kern/exec_elf.c Sat Dec 21 14:41:02 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: exec_elf.c,v 1.51 2013/11/14 12:07:11 martin Exp $ */
+/* $NetBSD: exec_elf.c,v 1.52 2013/12/21 14:41:02 christos Exp $ */
/*-
* Copyright (c) 1994, 2000, 2005 The NetBSD Foundation, Inc.
@@ -57,7 +57,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: exec_elf.c,v 1.51 2013/11/14 12:07:11 martin Exp $");
+__KERNEL_RCSID(1, "$NetBSD: exec_elf.c,v 1.52 2013/12/21 14:41:02 christos Exp $");
#ifdef _KERNEL_OPT
#include "opt_pax.h"
@@ -704,12 +704,16 @@
for (i = 0; i < eh->e_phnum; i++) {
pp = &ph[i];
if (pp->p_type == PT_INTERP) {
- if (pp->p_filesz >= MAXPATHLEN) {
+ if (pp->p_filesz < 2 || pp->p_filesz > MAXPATHLEN) {
error = ENOEXEC;
goto bad;
}
interp = PNBUF_GET();
- interp[0] = '\0';
+ /* Ensure interp is NUL-terminated and of the expected length */
+ if (strnlen(interp, pp->p_filesz) != pp->p_filesz - 1) {
+ error = ENOEXEC;
+ goto bad;
+ }
if ((error = exec_read_from(l, epp->ep_vp,
pp->p_offset, interp, pp->p_filesz)) != 0)
goto bad;
Home |
Main Index |
Thread Index |
Old Index