[src/trunk]: src/sys/kern 'error' is not set on failure. This is a true bug: ...

[maxv <maxv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/8f2aec16e883
branches:  trunk
changeset: 328798:8f2aec16e883
user:      maxv <maxv%NetBSD.org@localhost>
date:      Fri Apr 18 11:44:31 2014 +0000

description:
'error' is not set on failure. This is a true bug: everything is freed
and unlocked while zero is returned. Since there's no error, execve_runproc()
will get called and will try to use those freed things.

PS: This bug was here before uebayasi@'s changes

diffstat:

 sys/kern/kern_exec.c |  5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diffs (26 lines):

diff -r 0bb052ff6f8e -r 8f2aec16e883 sys/kern/kern_exec.c
--- a/sys/kern/kern_exec.c      Fri Apr 18 11:37:17 2014 +0000
+++ b/sys/kern/kern_exec.c      Fri Apr 18 11:44:31 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_exec.c,v 1.402 2014/04/18 06:59:32 uebayasi Exp $ */
+/*     $NetBSD: kern_exec.c,v 1.403 2014/04/18 11:44:31 maxv Exp $     */
 
 /*-
  * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -59,7 +59,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.402 2014/04/18 06:59:32 uebayasi Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.403 2014/04/18 11:44:31 maxv Exp $");
 
 #include "opt_exec.h"
 #include "opt_execfmt.h"
@@ -732,6 +732,7 @@
        if (len > epp->ep_ssize) {
                /* in effect, compare to initial limit */
                DPRINTF(("%s: stack limit exceeded %zu\n", __func__, len));
+               error = ENOMEM;
                goto bad;
        }
        /* adjust "active stack depth" for process VSZ */