Author: jtl Date: Thu Dec 24 00:58:11 2015 New Revision: 292676 URL: https://svnweb.freebsd.org/changeset/base/292676
Log: Only allow one PT_INTERP ELF program header. This also fixes a potential memory leak for interp_buf. Differential Revision: https://reviews.freebsd.org/D4692 Reviewed by: kib MFC after: 2 weeks Sponsored by: Juniper Networks Modified: head/sys/kern/imgact_elf.c Modified: head/sys/kern/imgact_elf.c ============================================================================== --- head/sys/kern/imgact_elf.c Wed Dec 23 23:35:32 2015 (r292675) +++ head/sys/kern/imgact_elf.c Thu Dec 24 00:58:11 2015 (r292676) @@ -799,6 +799,11 @@ __CONCAT(exec_, __elfN(imgact))(struct i error = ENOEXEC; goto ret; } + if (interp != NULL) { + uprintf("Multiple PT_INTERP headers\n"); + error = ENOEXEC; + goto ret; + } interp_name_len = phdr[i].p_filesz; if (phdr[i].p_offset > PAGE_SIZE || interp_name_len > PAGE_SIZE - phdr[i].p_offset) { _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "[email protected]"
