Attachment #8762 for bug #18209

View | Details | Raw Unified | Return to bug 18209
Collapse All | Expand All




		return ENOEXEC;
	}
	phdr = (const Elf_Phdr*)(imgp->image_header + hdr->e_phoff);

	/* we better check rlimits *before* new vmspace is exec()-ed */
	for (i = 0; i < hdr->e_phnum; i++) {
		if (phdr[i].p_type == PT_LOAD) {	/* Loadable segment */
			/*
			 * Is this .text or .data ??
			 *
			 * We only handle one each of those yet XXX
			 */
			if (hdr->e_entry >= phdr[i].p_vaddr &&
			hdr->e_entry <(phdr[i].p_vaddr+phdr[i].p_memsz)) {
  				text_addr = trunc_page(phdr[i].p_vaddr);
  				text_size = round_page(phdr[i].p_memsz +
						       phdr[i].p_vaddr -
						       text_addr);
				entry = (u_long)hdr->e_entry;
			} else {
  				data_addr = trunc_page(phdr[i].p_vaddr);
  				data_size = round_page(phdr[i].p_memsz +
						       phdr[i].p_vaddr -
						       data_addr);
			}
		}
	}
	

	if (text_size > MAXTSIZ ||
	    text_size + data_size >
		imgp->proc->p_rlimit[RLIMIT_DATA].rlim_cur) {
		error = ENOMEM ;
		goto fail ;
	}

	/*
	 * From this point on, we may have resources that need to be freed.
	 */

  						     phdr[i].p_memsz,
  						     phdr[i].p_filesz, prot)) != 0)
  				goto fail;

			/*
			 * Is this .text or .data ??
			 *
			 * We only handle one each of those yet XXX
			 */
			if (hdr->e_entry >= phdr[i].p_vaddr &&
			hdr->e_entry <(phdr[i].p_vaddr+phdr[i].p_memsz)) {
  				text_addr = trunc_page(phdr[i].p_vaddr);
  				text_size = round_page(phdr[i].p_memsz +
						       phdr[i].p_vaddr -
						       text_addr);
				entry = (u_long)hdr->e_entry;
			} else {
  				data_addr = trunc_page(phdr[i].p_vaddr);
  				data_size = round_page(phdr[i].p_memsz +
						       phdr[i].p_vaddr -
						       data_addr);
			}
			break;
	  	case PT_INTERP:	/* Path to interpreter */
			if (phdr[i].p_filesz > MAXPATHLEN ||

Return to bug 18209

Lines 451-457 Link Here

(-)kern/imgact_elf.c (-19 / +32 lines)
451	return ENOEXEC;	451	return ENOEXEC;
452	}	452	}
453	phdr = (const Elf_Phdr*)(imgp->image_header + hdr->e_phoff);	453	phdr = (const Elf_Phdr*)(imgp->image_header + hdr->e_phoff);
		454
		455	/* we better check rlimits before new vmspace is exec()-ed */
		456	for (i = 0; i < hdr->e_phnum; i++) {
		457	if (phdr[i].p_type == PT_LOAD) { /* Loadable segment */
		458	/*
		459	* Is this .text or .data ??
		460	*
		461	* We only handle one each of those yet XXX
		462	*/
		463	if (hdr->e_entry >= phdr[i].p_vaddr &&
		464	hdr->e_entry <(phdr[i].p_vaddr+phdr[i].p_memsz)) {
		465	text_addr = trunc_page(phdr[i].p_vaddr);
		466	text_size = round_page(phdr[i].p_memsz +
		467	phdr[i].p_vaddr -
		468	text_addr);
		469	entry = (u_long)hdr->e_entry;
		470	} else {
		471	data_addr = trunc_page(phdr[i].p_vaddr);
		472	data_size = round_page(phdr[i].p_memsz +
		473	phdr[i].p_vaddr -
		474	data_addr);
		475	}
		476	}
		477	}
454		478
		479
		480	if (text_size > MAXTSIZ \|\|
		481	text_size + data_size >
		482	imgp->proc->p_rlimit[RLIMIT_DATA].rlim_cur) {
		483	error = ENOMEM ;
		484	goto fail ;
		485	}
		486
455	/*	487	/*
456	* From this point on, we may have resources that need to be freed.	488	* From this point on, we may have resources that need to be freed.
457	*/	489	*/
Lines 481-505 Link Here
481	phdr[i].p_memsz,	513	phdr[i].p_memsz,
482	phdr[i].p_filesz, prot)) != 0)	514	phdr[i].p_filesz, prot)) != 0)
483	goto fail;	515	goto fail;
484
485	/*
486	* Is this .text or .data ??
487	*
488	* We only handle one each of those yet XXX
489	*/
490	if (hdr->e_entry >= phdr[i].p_vaddr &&
491	hdr->e_entry <(phdr[i].p_vaddr+phdr[i].p_memsz)) {
492	text_addr = trunc_page(phdr[i].p_vaddr);
493	text_size = round_page(phdr[i].p_memsz +
494	phdr[i].p_vaddr -
495	text_addr);
496	entry = (u_long)hdr->e_entry;
497	} else {
498	data_addr = trunc_page(phdr[i].p_vaddr);
499	data_size = round_page(phdr[i].p_memsz +
500	phdr[i].p_vaddr -
501	data_addr);
502	}
503	break;	516	break;
504	case PT_INTERP: /* Path to interpreter */	517	case PT_INTERP: /* Path to interpreter */
505	if (phdr[i].p_filesz > MAXPATHLEN \|\|	518	if (phdr[i].p_filesz > MAXPATHLEN \|\|