From c5ee3b3b0b410a5a1e62f37959eafee0c2c09006 Mon Sep 17 00:00:00 2001
From: Alan Cox
Date: Wed, 8 Nov 2017 19:54:18 +0000
Subject: [PATCH] syscal_exec16: Fix two bugs
1. Potential race on reference to hdr
2. If we tried to exec an r/o file and failed we could end up being marked non coredumping
---
 Kernel/syscall_exec16.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/Kernel/syscall_exec16.c b/Kernel/syscall_exec16.c
index 968695f6..78f4945c 100644
--- a/Kernel/syscall_exec16.c
+++ b/Kernel/syscall_exec16.c
@@ -47,7 +47,7 @@ static int header_ok(uint8_t *pp)
 arg_t _execve(void)
 {
 /* We aren't re-entrant where this matters */
- staticfast uint8_t hdr[16];
+ uint8_t hdr[16];
 staticfast inoptr ino;
 char **nargv; /* In user space */
 char **nenvp; /* In user space */
@@ -71,16 +71,6 @@ arg_t _execve(void)
 goto nogood;
 }
- /* Core dump and ptrace permission logic */
-#ifdef CONFIG_LEVEL_2
- /* Q: should uid == 0 mean we always allow core */
- if ((!(getperm(ino) & OTH_RD)) ||
- (ino->c_node.i_mode & (SET_UID | SET_GID)))
- udata.u_flags |= U_FLAG_NOCORE;
- else
- udata.u_flags &= ~U_FLAG_NOCORE;
-#endif
-
 setftime(ino, A_TIME);
 udata.u_offset = 0;
@@ -139,6 +129,16 @@ arg_t _execve(void)
 goto nogood3;
 /* From this point on we are commmited to the exec() completing */
+
+ /* Core dump and ptrace permission logic */
+#ifdef CONFIG_LEVEL_2
+ /* Q: should uid == 0 mean we always allow core */
+ if ((!(getperm(ino) & OTH_RD)) ||
+ (ino->c_node.i_mode & (SET_UID | SET_GID)))
+ udata.u_flags |= U_FLAG_NOCORE;
+ else
+ udata.u_flags &= ~U_FLAG_NOCORE;
+#endif
 udata.u_top = top;
 udata.u_ptab->p_top = top;
-- 
2.34.1
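Review bot: `ino`, declared on the line right after the changed one, is still `staticfast`, so the shared-storage race this commit removes for `hdr` may still exist for the inode pointer. The third hunk moves the `getperm(ino)` / `ino->c_node.i_mode` test to after the commit point, so `ino` is now read later in the call than before. If anything in between can sleep and let another process enter `_execve`, the `U_FLAG_NOCORE` decision could be made against a different inode. Consider changing the declaration to `inoptr ino;` too, or rewrite the retained "We aren't re-entrant where this matters" comment to state why `ino` is safe when `hdr` was not. The body of `_execve` continues outside this hunk, so whether such a sleep is possible cannot be confirmed from the lines shown.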
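Review bot: The relocated `CONFIG_LEVEL_2` block carries no comment explaining why it must sit after the commit point, so a later tidy-up could move it back and reintroduce the bug. I would head it with `/* Only once exec cannot fail: a failed exec must leave the caller's U_FLAG_NOCORE unchanged */`. Its result may also depend on state that changes between the old and new position. If `getperm()` evaluates against the process's current effective ids (its definition is not shown here), confirm that nothing in between switches those ids for a `SET_UID`/`SET_GID` image, since the `OTH_RD` test would then run under the new identity. The function continues past the end of this hunk, so the ordering relative to any credential change cannot be checked from these lines.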