mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-28 14:44:10 +08:00
[PATCH] Require mmap handler for a.out executables
Files supported by fs/proc/base.c, i.e. /proc/<pid>/*, are not capable of meeting the validity checks in ELF load_elf_*() handling because they have no mmap handler which is required by ELF. In order to stop a.out executables being used as part of an exploit attack against /proc-related vulnerabilities, we make a.out executables depend on ->mmap() existing. Signed-off-by: Eugene Teo <eteo@redhat.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
563d075702
commit
8454aeef6f
@ -278,6 +278,13 @@ static int load_aout_binary(struct linux_binprm * bprm, struct pt_regs * regs)
|
|||||||
return -ENOEXEC;
|
return -ENOEXEC;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Requires a mmap handler. This prevents people from using a.out
|
||||||
|
* as part of an exploit attack against /proc-related vulnerabilities.
|
||||||
|
*/
|
||||||
|
if (!bprm->file->f_op || !bprm->file->f_op->mmap)
|
||||||
|
return -ENOEXEC;
|
||||||
|
|
||||||
fd_offset = N_TXTOFF(ex);
|
fd_offset = N_TXTOFF(ex);
|
||||||
|
|
||||||
/* Check initial limits. This avoids letting people circumvent
|
/* Check initial limits. This avoids letting people circumvent
|
||||||
@ -476,6 +483,13 @@ static int load_aout_library(struct file *file)
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Requires a mmap handler. This prevents people from using a.out
|
||||||
|
* as part of an exploit attack against /proc-related vulnerabilities.
|
||||||
|
*/
|
||||||
|
if (!file->f_op || !file->f_op->mmap)
|
||||||
|
goto out;
|
||||||
|
|
||||||
if (N_FLAGS(ex))
|
if (N_FLAGS(ex))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user