syscall_exec16: Fix BSS wrap bug

If the binary fits but it has a huge BSS value then kernel wrongly allows it to
start. Because of some other bugs and quirks it ends up running sanely for most
platforms but the BSS is not cleared.

This breaks the current builds of /bin/sh so you'll need to build a new one with
the tools patches that follow this applied.

diff --git a/Kernel/syscall_exec16.c b/Kernel/syscall_exec16.c
index 8db92b5..fa8eae7 100644 (file)
--- a/Kernel/syscall_exec16.c
+++ b/Kernel/syscall_exec16.c
@@ -108,6 +108,10 @@ arg_t _execve(void)
        /* Binary doesn't fit */
        /* FIXME: review overflows */
        bin_size = ino->c_node.i_size;
+       if (bin_size + bss < bin_size) {
+               udata.u_error = ENOMEM;
+               goto nogood2;
+       }
        progptr = bin_size + 1024 + bss;
        if (progload < PROGLOAD || top - progload < progptr || progptr < bin_size) {
                udata.u_error = ENOMEM;