Module Name: src Committed By: maxv Date: Thu Nov 30 18:44:16 UTC 2017
Modified Files: src/sys/kern: kern_proc.c Log Message: If no auxv is present, don't kmem_alloc(0). Easy to panic the kernel by typing 'cat /proc/aout_pid/auxv' on whatever a.out binary you're running. Fortunately, amd64 does not enable EXEC_AOUT by default. Unfortunately, i386 does enable it by default. To generate a diff of this commit: cvs rdiff -u -r1.208 -r1.209 src/sys/kern/kern_proc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_proc.c
diff -u src/sys/kern/kern_proc.c:1.208 src/sys/kern/kern_proc.c:1.209
--- src/sys/kern/kern_proc.c:1.208 Tue Nov 7 19:44:04 2017
+++ src/sys/kern/kern_proc.c Thu Nov 30 18:44:16 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_proc.c,v 1.208 2017/11/07 19:44:04 christos Exp $ */
+/* $NetBSD: kern_proc.c,v 1.209 2017/11/30 18:44:16 maxv Exp $ */
 /*-
 * Copyright (c) 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
 */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.208 2017/11/07 19:44:04 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.209 2017/11/30 18:44:16 maxv Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_kstack.h"
@@ -2463,16 +2463,19 @@ proc_getauxv(struct proc *p, void **buf, struct ps_strings pss; int error; void *uauxv, *kauxv; + size_t size; if ((error = copyin_psstrings(p, &pss)) != 0) return error; - if (pss.ps_envstr == NULL) return EIO; + size = p->p_execsw->es_arglen; + if (size == 0) + return EIO; + size_t ptrsz = PROC_PTRSZ(p); uauxv = (void *)((char *)pss.ps_envstr + (pss.ps_nenvstr + 1) * ptrsz); - size_t size = p->p_execsw->es_arglen; kauxv = kmem_alloc(size, KM_SLEEP);
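Review bot: The new `if (size == 0) return EIO;` guard in proc_getauxv carries no comment saying why a zero `es_arglen` is reachable or what it prevents, so a later cleanup could reorder or drop it and reintroduce the panic. I would put `/* Exec formats without an auxv (e.g. a.out) have es_arglen == 0; kmem_alloc(0) panics. */` directly above it, which is what the log message states. Since the log says the path is reachable by reading /proc/<pid>/auxv, a regression test that reads auxv for such a binary and expects EIO would pin the behaviour. The function starts before and continues past this hunk, so whether the later copy and free use the same `size` cannot be confirmed from the visible lines.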