diff options
author | Artur Grabowski <art@cvs.openbsd.org> | 2001-03-29 13:25:35 +0000 |
---|---|---|
committer | Artur Grabowski <art@cvs.openbsd.org> | 2001-03-29 13:25:35 +0000 |
commit | b9095add3f784e133dab31923db2bd5205a6cc0c (patch) | |
tree | 8f41a65e4ddf985b86e2feea1c63af6939f1e801 | |
parent | 2b3dc365d4b023a5259d936c068cb5df3426967b (diff) |
Kludge around a problem where incorrect elf headers can cause
us to allocate too much memory in kmem_map and barf.
This solution is completly bogus but it is the best I can do right now.
-rw-r--r-- | sys/kern/exec_elf64.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/kern/exec_elf64.c b/sys/kern/exec_elf64.c index e0cc9e602f3..39cc5ec1180 100644 --- a/sys/kern/exec_elf64.c +++ b/sys/kern/exec_elf64.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf64.c,v 1.13 2001/03/07 00:56:30 niklas Exp $ */ +/* $OpenBSD: exec_elf64.c,v 1.14 2001/03/29 13:25:34 art Exp $ */ /* * Copyright (c) 1996 Per Fogelstrom @@ -400,6 +400,11 @@ elf64_load_file(p, path, epp, ap, last) } phsize = eh.e_phnum * sizeof(Elf64_Phdr); + if (phsize > 8192) { + /* XXX - this is not the way we want to fix this, but ... */ + error = EINVAL; + goto bad1; + } ph = (Elf64_Phdr *)malloc(phsize, M_TEMP, M_WAITOK); if ((error = elf64_read_from(p, nd.ni_vp, eh.e_phoff, (caddr_t)ph, @@ -789,6 +794,10 @@ elf64_os_pt_note(p, epp, eh, os_name, name_size, desc_size) int error; phsize = eh->e_phnum * sizeof(Elf64_Phdr); + if (phsize > 8192) { + /* XXX - this is not the way we want to fix this, but ... */ + return EINVAL; + } hph = (Elf64_Phdr *)malloc(phsize, M_TEMP, M_WAITOK); if ((error = elf64_read_from(p, epp->ep_vp, eh->e_phoff, (caddr_t)hph, phsize)) != 0) |