Page MenuHomeFreeBSD
Files F150462561

D15683.id43392.diff
No OneTemporary
Actions

D15683.id43392.diff
View Options

Index: sys/kern/imgact_elf.c
===================================================================
--- sys/kern/imgact_elf.c
+++ sys/kern/imgact_elf.c
@@ -839,11 +839,6 @@
break;
case PT_INTERP:
/* Path to interpreter */
- if (phdr[i].p_filesz > MAXPATHLEN) {
- uprintf("Invalid PT_INTERP\n");
- error = ENOEXEC;
- goto ret;
- }
if (interp != NULL) {
uprintf("Multiple PT_INTERP headers\n");
error = ENOEXEC;
@@ -870,6 +865,12 @@
interp = __DECONST(char *, imgp->image_header) +
phdr[i].p_offset;
}
+ if (interp != NULL && strlen(interp) >= MAXPATHLEN) {
+ uprintf("Invalid PT_INTERP (to long)\n");
+ error = ENOEXEC;
+ VOP_UNLOCK(imgp->vp, 0);
+ goto ret;
+ }
break;
case PT_GNU_STACK:
if (__elfN(nxstack))
@@ -1088,7 +1089,8 @@
imgp->proc->p_elf_flags = hdr->e_flags;
ret:
- free(interp_buf, M_TEMP);
+ if (interp_buf != NULL)
+ free(interp_buf, M_TEMP);
return (error);
}

File Metadata

Mime Type
text/plain
Expires
Thu, Apr 2, 10:29 AM (4 h, 21 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
30718767
Default Alt Text
D15683.id43392.diff (967 B)

Event Timeline