From: Lionel Sambuc Date: Wed, 30 Jul 2014 14:10:03 +0000 (+0200) Subject: servers/rs: Add sanity check on executable size X-Git-Tag: v3.3.0~85 X-Git-Url: http://zhaoyanbai.com/repos/%22http:/www.isc.org/icons/zlib_tech.html?a=commitdiff_plain;h=37f29f557ab17227a82345b4118d57de4d9ea8e9;p=minix.git servers/rs: Add sanity check on executable size RS used to do a stat, and check that the stat was successful, but it didn't check that the executable was not actually empty. This patch adds a check to detect file which are smaller than the minimum ELF size possible. Change-Id: I22b004084f17e7d395e2c1377add7bc8b51c3d5e --- diff --git a/minix/lib/libexec/exec_elf.c b/minix/lib/libexec/exec_elf.c index 6600193fc..f6d8d21cd 100644 --- a/minix/lib/libexec/exec_elf.c +++ b/minix/lib/libexec/exec_elf.c @@ -58,6 +58,8 @@ static int elf_ph_sane(Elf_Phdr *phdr) static int elf_unpack(char *exec_hdr, int hdr_len, Elf_Ehdr **hdr, Elf_Phdr **phdr) { + assert(hdr_len >= sizeof(Elf_Ehdr)); + *hdr = (Elf_Ehdr *) exec_hdr; if(!elf_sane(*hdr)) { return ENOEXEC; diff --git a/minix/servers/rs/manager.c b/minix/servers/rs/manager.c index 0cadf95c0..9adf386c3 100644 --- a/minix/servers/rs/manager.c +++ b/minix/servers/rs/manager.c @@ -7,6 +7,8 @@ #include +#include + #include "inc.h" #include "kernel/proc.h" @@ -1272,6 +1274,9 @@ struct rproc *rp; if (r != 0) return -errno; + if (sb.st_size < sizeof(Elf_Ehdr)) + return ENOEXEC; + fd= open(e_name, O_RDONLY); if (fd == -1) return -errno;