Actually, kib@ points out that this isn't quite correct; the correct
fix should indeed be a 1-liner, attached.
--dho
Index: sys/kern/imgact_shell.c
===================================================================
--- sys/kern/imgact_shell.c (revision 219345)
+++ sys/kern/imgact_shell.c (working copy)
@@ -195,7 +195,7 @@
length = (imgp->args->argc == 0) ? 0 :
strlen(imgp->args->begin_argv) + 1; /* bytes to delete */
- if (offset - length > imgp->args->stringspace) {
+ if (offset > length && offset - length > imgp->args->stringspace) {
if (sname != NULL)
sbuf_delete(sname);
return (E2BIG);
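Review bot: The added `offset > length &&` guard on the `+` line has no comment explaining why it is there, and the reason is not obvious from the condition alone. The hunk does not show the declarations of `offset` and `length`. If they are unsigned, `offset - length` wraps to a huge value whenever `offset <= length`, which would make the old test return E2BIG for a replacement that actually shrinks the argument strings. Please say so in a short comment above the `if`, for example that when the bytes to insert do not exceed the "bytes to delete" no extra `stringspace` is consumed and the size check is skipped. It is also worth confirming that both operands have the same unsigned type, so the comparison and the subtraction agree.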
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"