Only allow one PT_INTERP ELF program header
ClosedPublic
Actions

Authored by jtl on Dec 23 2015, 3:58 AM.

Details

Reviewers

kib
emaste
jhb

Commits

rS292676: Only allow one PT_INTERP ELF program header. This also fixes a potential

Summary

Only allow one PT_INTERP ELF program header. This fixes a memory leak introduced by rS289322 (D3871). When there is more than one PT_INTERP header with an offset beyond the first page, the code would allocate interp_buf multiple times, but only free the last allocation.

Because it doesn't make sense to have multiple PT_INTERP headers, we can eliminate the problem by just enforcing that restriction.

Test Plan

It compiles. I can still run ELF binaries with a single PT_INTERP program header.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jtl updated this revision to Diff 11624.Dec 23 2015, 3:58 AM

jtl retitled this revision from to Only allow one PT_INTERP ELF program header.

jtl updated this object.

jtl edited the test plan for this revision. (Show Details)

jtl added reviewers: kib, emaste, jhb.

Herald added a subscriber: imp. · View Herald TranscriptDec 23 2015, 3:58 AM

Similar, but less serious issue exists in the libexec/rtld-elf/map_object,c for PT_NOTE handler mmaping the note segment.

This revision is now accepted and ready to land.Dec 23 2015, 11:09 AM

Closed by commit rS292676: Only allow one PT_INTERP ELF program header. This also fixes a potential (authored by jtl). · Explain WhyDec 24 2015, 12:58 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

sys/

kern/

imgact_elf.c

5 lines

Diff 11653

View Options

head/sys/kern/imgact_elf.c

Only allow one PT_INTERP ELF program headerClosedPublicActions