david.venhoff/QEMU-Nyx-fork
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

linux-user: allocate heap memory for execve arguments

Browse Source 
Arguments passed to execve(2) call from user program could
be large, allocating stack memory for them via alloca(3) call
would lead to bad behaviour. Use 'g_new0' to allocate memory
for such arguments.

Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
This commit is contained in:
Prasad J Pandit 2017-03-07 12:51:47 +05:30 committed by Riku Voipio
parent c4e316cfb5
commit b936cb50aa
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
linux-user/syscall.c
View File

@ -7985,8 +7985,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
envc++; envc++;
} }
argp = alloca((argc + 1) * sizeof(void *)); argp = g_new0(char *, argc + 1);
envp = alloca((envc + 1) * sizeof(void *)); envp = g_new0(char *, envc + 1);
for (gp = guest_argp, q = argp; gp; for (gp = guest_argp, q = argp; gp;
gp += sizeof(abi_ulong), q++) { gp += sizeof(abi_ulong), q++) {
@ -8047,6 +8047,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
break; break;
unlock_user(*q, addr, 0); unlock_user(*q, addr, 0);
} }
g_free(argp);
g_free(envp);
} }
break; break;
case TARGET_NR_chdir: case TARGET_NR_chdir: