Page MenuHomeFreeBSD
Differential D10042

tighten buffer bounds in imgact_binmisc_populate_interp
ClosedPublic
Actions

Authored by emaste on Mar 17 2017, 7:32 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Apr 2, 4:22 AM
Unknown Object (File)
Wed, Apr 1, 11:39 PM
Unknown Object (File)
Wed, Apr 1, 11:06 AM
Unknown Object (File)
Sun, Mar 29, 6:49 AM
Unknown Object (File)
Fri, Mar 20, 6:27 AM
Unknown Object (File)
Thu, Mar 19, 8:40 AM
Unknown Object (File)
Dec 16 2025, 5:16 PM
Unknown Object (File)
Nov 20 2025, 11:19 PM
View All 97 Files
Subscribers
None

Details

Reviewers
sson
sbruno
Commits
rS315685: tighten buffer bounds in imgact_binmisc_populate_interp
Summary

We must ensure there's space for the terminating null in the temporary buffer in imgact_binmisc_populate_interp().

Note that there is not a possible buffer overflow here, because xbe->xbe_interpreter's length and null termination is checked in imgact_binmisc_add_entry() before imgact_binmisc_populate_interp() is called, but the latter should correctly enforce its own bounds.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste created this revision.Mar 17 2017, 7:32 PM
emaste edited the summary of this revision. (Show Details)Mar 17 2017, 7:35 PM
sbruno accepted this revision.Mar 21 2017, 3:03 PM
This revision is now accepted and ready to land.Mar 21 2017, 3:03 PM
Closed by commit rS315685: tighten buffer bounds in imgact_binmisc_populate_interp (authored by emaste). · Explain WhyMar 21 2017, 6:02 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
2 lines

Diff 26502

View Options

head/sys/kern/imgact_binmisc.c

Loading...