* [PATCH] Bug in binfmt_misc?
@ 2003-02-11 6:33 Rusty Russell
0 siblings, 0 replies; only message in thread
From: Rusty Russell @ 2003-02-11 6:33 UTC (permalink / raw)
To: linux-kernel; +Cc: Marcelo Tosatti, torvalds
As far as I can tell, this should never cause a problem, but someone
pointed this out:
diff -urpN --exclude TAGS -X /home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal linux-2.4.21-pre4/fs/binfmt_misc.c working-2.4.21-pre4-rest-non_drivers/fs/binfmt_misc.c
--- linux-2.4.21-pre4/fs/binfmt_misc.c 2002-08-03 13:54:15.000000000 +1000
+++ working-2.4.21-pre4-rest-non_drivers/fs/binfmt_misc.c 2003-02-11 14:29:34.000000000 +1100
@@ -128,6 +128,8 @@ static int load_misc_binary(struct linux
retval = copy_strings_kernel(1, &iname_addr, bprm);
if (retval < 0) goto _ret;
bprm->argc++;
+ /* BUG: iname is a local variable and given to an outside struct.
+ * this will cause problems when function scope ends */
bprm->filename = iname; /* for binfmt_script */
file = open_exec(iname);
Now, if this isn't a problem, the following should at least catch any
future misuses:
diff -urpN --exclude TAGS -X /home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal linux-2.4.21-pre4/fs/binfmt_misc.c working-2.4.21-pre4-rest-non_drivers/fs/binfmt_misc.c
--- linux-2.4.21-pre4/fs/binfmt_misc.c 2002-08-03 13:54:15.000000000 +1000
+++ working-2.4.21-pre4-rest-non_drivers/fs/binfmt_misc.c 2003-02-11 15:03:06.000000000 +1100
@@ -139,6 +139,7 @@ static int load_misc_binary(struct linux
retval = prepare_binprm(bprm);
if (retval >= 0)
retval = search_binary_handler(bprm, regs);
+ bprm->filename = NULL;
_ret:
return retval;
}
--
Anyone who quotes me in their sig is an idiot. -- Rusty Russell.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-02-11 7:14 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-02-11 6:33 [PATCH] Bug in binfmt_misc? Rusty Russell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).