

ref: afc2d547e18381ce2dd0f69f0e88860d49b7e54f
parent: 8cef1794d6a092e72482bcb4927fced3b7b75d2a
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sun Dec 29 01:11:18 EST 2013

kernel: make sure user text, data and bss wont overlap the stack segment in sysexec()

--- a/sys/src/9/port/sysproc.c
+++ b/sys/src/9/port/sysproc.c
@@ -283,7 +283,7 @@
 		text = l2be(exec.text);
 		entry = l2be(exec.entry);
 		if(n==sizeof(Exec) && (magic == AOUT_MAGIC)){
-			if(text >= USTKTOP-UTZERO
+			if(text >= (USTKTOP-USTKSIZE)-(UTZERO+sizeof(Exec))
 			|| entry < UTZERO+sizeof(Exec)
 			|| entry >= UTZERO+sizeof(Exec)+text)
 				error(Ebadexec);
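Review bot: The new bound `(USTKTOP-USTKSIZE)-(UTZERO+sizeof(Exec))` carries no comment saying why the header offset is subtracted, and the stack-base expression `(USTKTOP-USTKSIZE)` is now spelled out here and three more times in the second hunk's check. A one-line comment such as `/* text must end below the base of the user stack segment */` would make the intent clear. A single local or macro for the stack base (for example `ustkbase`, a suggested name only) would keep the four uses from drifting apart. The enclosing function starts and ends outside this hunk.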
@@ -322,7 +322,7 @@
 	d = (t + data + (BY2PG-1)) & ~(BY2PG-1);
 	bssend = t + data + bss;
 	b = (bssend + (BY2PG-1)) & ~(BY2PG-1);
-	if(t >= KZERO || d >= KZERO || b >= KZERO)
+	if(t >= (USTKTOP-USTKSIZE) || d >= (USTKTOP-USTKSIZE) || b >= (USTKTOP-USTKSIZE))
 		error(Ebadexec);
 
 	/*
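Review bot: The check `if(t >= (USTKTOP-USTKSIZE) || d >= ... || b >= ...)` only bounds the computed end addresses from above, so it relies on `t + data` and `t + data + bss` not wrapping. `data` and `bss` appear to come from the exec header, and their declared width is not visible in this hunk. If the sums are done in a type that can wrap, a very large header value could produce a small `d` or `b` that passes the comparison. Comparing each size against the space left below the stack base before adding avoids this, e.g. `if(t >= (USTKTOP-USTKSIZE) || data > (USTKTOP-USTKSIZE)-t || bss > (USTKTOP-USTKSIZE)-t-data) error(Ebadexec);` placed ahead of the `d`/`b` computation, with the existing check kept for the page round-up. The enclosing function starts and ends outside this hunk.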
--