From 7e30b92f64324e3a7561a1bba30cf003e4037d76 Mon Sep 17 00:00:00 2001
From: Artur Grabowski <art@cvs.openbsd.org>
Date: Mon, 30 Jul 2001 11:58:37 +0000
Subject: Add a check for too big e_phnum that could cause us to malloc to much
 and barf. This should have been merged into this file from exec_elf64.c a
 long time ago. Looking for volunteers to merge exec_elf.c and exec_elf64.c

---
 sys/kern/exec_elf.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'sys')

diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c
index 2eb09508aca..ed9c5d46536 100644
--- a/sys/kern/exec_elf.c
+++ b/sys/kern/exec_elf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: exec_elf.c,v 1.32 2001/06/22 14:14:07 deraadt Exp $	*/
+/*	$OpenBSD: exec_elf.c,v 1.33 2001/07/30 11:58:36 art Exp $	*/
 
 /*
  * Copyright (c) 1996 Per Fogelstrom
@@ -189,6 +189,10 @@ elf_check_header(ehdr, type)
 	if (ehdr->e_type != type)
 		return (ENOEXEC);
 
+	/* Don't allow an insane amount of sections. */
+	if (ehdr->e_phnum > 128)
+		return (ENOEXEC);
+
 	return (0);
 }
 
@@ -232,6 +236,10 @@ os_ok:
 	if (ehdr->e_type != type)
 		return (ENOEXEC);
 
+	/* Don't allow an insane amount of sections. */
+	if (ehdr->e_phnum > 128)
+		return (ENOEXEC);
+
 	*os = ehdr->e_ident[OI_OS];
 	return (0);
 }
-- 
cgit v1.2.3