Received: by mail.netbsd.org (Postfix, from userid 605) id 02CFD14A482; Wed, 14 May 2014 05:14:49 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 1B6A914A47E for ; Wed, 14 May 2014 05:14:48 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id zsPXUwWAdMqJ for ; Wed, 14 May 2014 05:14:47 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 4095E14A47F for ; Wed, 14 May 2014 05:14:47 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 3815196; Wed, 14 May 2014 05:14:47 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Wed, 14 May 2014 05:14:47 +0000 From: "SAITOH Masanobu" Subject: CVS commit: [netbsd-5] src/sys/compat/linux/common To: source-changes@NetBSD.org X-Mailer: log_accum Message-Id: <20140514051447.3815196@cvs.netbsd.org> Sender: source-changes-owner@NetBSD.org List-Id: source-changes.NetBSD.org Precedence: bulk Reply-To: source-changes-d@NetBSD.org Mail-Reply-To: "SAITOH Masanobu" Mail-Followup-To: source-changes-d@NetBSD.org Module Name: src Committed By: msaitoh Date: Wed May 14 05:14:47 UTC 2014 Modified Files: src/sys/compat/linux/common [netbsd-5]: linux_exec_elf32.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1902): src/sys/compat/linux/common/linux_exec_elf32.c 1.91 via patch A specially-crafted binary could easily control a kernel array index. Add some checks to ensure that nothing will be read outside the allocated area. Rewrite the code so that we don't need to allocate the whole section. Spotted by several developers, patch from chs@/enami@ To generate a diff of this commit: cvs rdiff -u -r1.81 -r1.81.10.1 \ src/sys/compat/linux/common/linux_exec_elf32.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.