Page MenuHomeFreeBSD
Differential D10042

tighten buffer bounds in imgact_binmisc_populate_interp
ClosedPublic
Actions

Authored by emaste on Mar 17 2017, 7:32 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Apr 29, 4:47 AM
Unknown Object (File)
Tue, Apr 28, 9:28 AM
Unknown Object (File)
Tue, Apr 28, 5:56 AM
Unknown Object (File)
Tue, Apr 28, 4:25 AM
Unknown Object (File)
Mon, Apr 27, 11:55 PM
Unknown Object (File)
Thu, Apr 23, 9:41 AM
Unknown Object (File)
Tue, Apr 21, 5:04 AM
Unknown Object (File)
Mon, Apr 20, 11:18 AM
View All Files
Subscribers
None

Details

Reviewers
sson
sbruno
Commits
rS315685: tighten buffer bounds in imgact_binmisc_populate_interp
Summary

We must ensure there's space for the terminating null in the temporary buffer in imgact_binmisc_populate_interp().

Note that there is not a possible buffer overflow here, because xbe->xbe_interpreter's length and null termination is checked in imgact_binmisc_add_entry() before imgact_binmisc_populate_interp() is called, but the latter should correctly enforce its own bounds.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste created this revision.Mar 17 2017, 7:32 PM
emaste edited the summary of this revision. (Show Details)Mar 17 2017, 7:35 PM
sbruno accepted this revision.Mar 21 2017, 3:03 PM
This revision is now accepted and ready to land.Mar 21 2017, 3:03 PM
Closed by commit rS315685: tighten buffer bounds in imgact_binmisc_populate_interp (authored by emaste). · Explain WhyMar 21 2017, 6:02 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
2 lines

Diff 26502

View Options

head/sys/kern/imgact_binmisc.c

Loading...