authorArtur Grabowski <art@cvs.openbsd.org>2001-03-29 13:25:35 +0000
committerArtur Grabowski <art@cvs.openbsd.org>2001-03-29 13:25:35 +0000
commitb9095add3f784e133dab31923db2bd5205a6cc0c (patch)
tree8f41a65e4ddf985b86e2feea1c63af6939f1e801
parent2b3dc365d4b023a5259d936c068cb5df3426967b (diff)
Kludge around a problem where incorrect elf headers can cause
us to allocate too much memory in kmem_map and barf. This solution is completely bogus but it is the best I can do right now.
-rw-r--r--sys/kern/exec_elf64.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/kern/exec_elf64.c b/sys/kern/exec_elf64.c
index e0cc9e602f3..39cc5ec1180 100644
--- a/sys/kern/exec_elf64.c
+++ b/sys/kern/exec_elf64.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: exec_elf64.c,v 1.13 2001/03/07 00:56:30 niklas Exp $ */
+/* $OpenBSD: exec_elf64.c,v 1.14 2001/03/29 13:25:34 art Exp $ */
/*
* Copyright (c) 1996 Per Fogelstrom
@@ -400,6 +400,11 @@ elf64_load_file(p, path, epp, ap, last)
}
phsize = eh.e_phnum * sizeof(Elf64_Phdr);
+ if (phsize > 8192) {
+ /* XXX - this is not the way we want to fix this, but ... */
+ error = EINVAL;
+ goto bad1;
+ }
ph = (Elf64_Phdr *)malloc(phsize, M_TEMP, M_WAITOK);
if ((error = elf64_read_from(p, nd.ni_vp, eh.e_phoff, (caddr_t)ph,
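Review bot: The 8192 limit on `phsize` is a bare literal here and again in the elf64_os_pt_note hunk, and the XXX comment does not say what the check guards against or why that value was chosen. A single named constant shared by both checks (for example `#define ELF_MAX_PHSIZE 8192`, the name being only a suggestion) would keep the two limits in step. The comment could carry the reason given in the commit message: `/* XXX - cap the phdr table so a bogus e_phnum cannot exhaust kmem_map */`. The new branch jumps to `bad1` before `ph` is allocated, and the body of that label is outside this hunk; if that path frees `ph`, it depends on `ph` having been initialised to NULL, which should be confirmed.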
@@ -789,6 +794,10 @@ elf64_os_pt_note(p, epp, eh, os_name, name_size, desc_size)
int error;
phsize = eh->e_phnum * sizeof(Elf64_Phdr);
+ if (phsize > 8192) {
+ /* XXX - this is not the way we want to fix this, but ... */
+ return EINVAL;
+ }
hph = (Elf64_Phdr *)malloc(phsize, M_TEMP, M_WAITOK);
if ((error = elf64_read_from(p, epp->ep_vp, eh->e_phoff,
(caddr_t)hph, phsize)) != 0)