tech-kern archive


KASSERT in exec_elf.c for DYN executable when p_align==0



Coverity (CID 1427746) complains about a division by zero when
align is 0 in all PT_LOAD headers.

I tried reproducing the problem but the code in question is inside
'if (offset < epp->ep_vm_minaddr)' and it isn't easily reproducible.

However, I hit KASSERT panic:

"(offset & (align - 1)) == 0" file sys/kern/exec_elf.c, line 139.

Steps to reproduce (on amd64 compiled with MKPIE=yes):

bvi -s 0x0e2 /bin/echo # change 20 to 00
bvi -s 0x11a /bin/echo # change 20 to 00

/bin/echo # boom!

It would be nice to perform sanity checks of tainted executables
instead of panicking.

-- 
Alex
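
Added example, not part of the original message and not NetBSD's code: one way to sanity-check p_align from untrusted PT_LOAD headers before it is used as a mask or divisor, so that an all-zero alignment yields 1 and a non-power-of-two value rejects the image instead of reaching the assertion quoted above. The struct phdr type and the helper names phdr_load_align and align_up are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

#define PT_LOAD 1u	/* ELF program header type for loadable segments */

/* Minimal stand-in for the Elf64_Phdr fields this check needs (constructed). */
struct phdr {
	uint32_t p_type;
	uint64_t p_align;
};

/*
 * Hypothetical helper: derive the load alignment of a DYN executable from
 * untrusted program headers. Returns 0 on success, -1 if any PT_LOAD header
 * carries an alignment that is not a power of two. In the ELF specification
 * p_align values 0 and 1 both mean "no alignment required", so they are
 * accepted and count as 1; the result stored in *alignp is never 0.
 */
static int
phdr_load_align(const struct phdr *ph, size_t phnum, uint64_t *alignp)
{
	uint64_t align = 1;

	for (size_t i = 0; i < phnum; i++) {
		uint64_t a = ph[i].p_align;

		if (ph[i].p_type != PT_LOAD)
			continue;
		if (a > 1 && (a & (a - 1)) != 0)
			return -1;	/* not a power of two: reject the image */
		if (a > align)
			align = a;
	}
	*alignp = align;
	return 0;
}

/* Round addr up to a power-of-two alignment; -1 on bad align or wrap-around. */
static int
align_up(uint64_t addr, uint64_t align, uint64_t *out)
{
	if (align == 0 || (align & (align - 1)) != 0)
		return -1;
	if (addr > UINT64_MAX - (align - 1))
		return -1;
	*out = (addr + align - 1) & ~(align - 1);
	return 0;
}
```

With both checks in place the loader can return an error such as ENOEXEC for a malformed image, and (offset & (align - 1)) == 0 holds for every offset produced by align_up.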

