Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-8]: src/sys/kern Pull up following revision(s) (requested by maxv...



details:   https://anonhg.NetBSD.org/src/rev/a2986cc711d6
branches:  netbsd-8
changeset: 434516:a2986cc711d6
user:      snj <snj%NetBSD.org@localhost>
date:      Mon Jan 01 18:58:32 2018 +0000

description:
Pull up following revision(s) (requested by maxv in ticket #465):
        sys/kern/kern_proc.c: revision 1.209
If no auxv is present, don't kmem_alloc(0). Easy to panic the kernel by
typing 'cat /proc/aout_pid/auxv' on whatever a.out binary you're running.
Fortunately, amd64 does not enable EXEC_AOUT by default. Unfortunately,
i386 does enable it by default.

diffstat:

 sys/kern/kern_proc.c |  11 +++++++----
 1 files changed, 7 insertions(+), 4 deletions(-)

diffs (40 lines):

diff -r d2d047c7c22b -r a2986cc711d6 sys/kern/kern_proc.c
--- a/sys/kern/kern_proc.c      Sat Dec 23 19:56:01 2017 +0000
+++ b/sys/kern/kern_proc.c      Mon Jan 01 18:58:32 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_proc.c,v 1.206 2017/03/30 20:17:11 christos Exp $ */
+/*     $NetBSD: kern_proc.c,v 1.206.6.1 2018/01/01 18:58:32 snj Exp $  */
 
 /*-
  * Copyright (c) 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.206 2017/03/30 20:17:11 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.206.6.1 2018/01/01 18:58:32 snj Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_kstack.h"
@@ -2477,16 +2477,19 @@
        struct ps_strings pss;
        int error;
        void *uauxv, *kauxv;
+       size_t size;
 
        if ((error = copyin_psstrings(p, &pss)) != 0)
                return error;
+       if (pss.ps_envstr == NULL)
+               return EIO;
 
-       if (pss.ps_envstr == NULL)
+       size = p->p_execsw->es_arglen;
+       if (size == 0)
                return EIO;
 
        size_t ptrsz = PROC_PTRSZ(p);
        uauxv = (void *)((char *)pss.ps_envstr + (pss.ps_nenvstr + 1) * ptrsz);
-       size_t size = p->p_execsw->es_arglen;
 
        kauxv = kmem_alloc(size, KM_SLEEP);
 



Home | Main Index | Thread Index | Old Index