From 9c2c3c1feea59d5c212d250e13135e04dd397582 Mon Sep 17 00:00:00 2001 From: Matthew Wilcox Date: Sun, 24 Sep 2006 13:35:50 -0600 Subject: [PATCH] --- yaml --- r: 38547 b: refs/heads/master c: dc02747da7897cb89b62bb08aeb06fa0bb1e7319 h: refs/heads/master i: 38545: 604213dbc73381c8e1a6f304bfc504865324510c 38543: 730442601cc01e5542590901af07ebdfbc013b8c v: v3 --- [refs] | 2 +- trunk/fs/binfmt_som.c | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/[refs] b/[refs] index bed34315d2b7..e59eed6525ec 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 8d0b7d1055bedca784b143b0af9b37bd971b7cd2 +refs/heads/master: dc02747da7897cb89b62bb08aeb06fa0bb1e7319 diff --git a/trunk/fs/binfmt_som.c b/trunk/fs/binfmt_som.c index 32b5d625ce9c..5bcdaaf4eae0 100644 --- a/trunk/fs/binfmt_som.c +++ b/trunk/fs/binfmt_som.c @@ -29,6 +29,7 @@ #include #include +#include #include #include @@ -194,6 +195,7 @@ load_som_binary(struct linux_binprm * bprm, struct pt_regs * regs) unsigned long som_entry; struct som_hdr *som_ex; struct som_exec_auxhdr *hpuxhdr; + struct files_struct *files; /* Get the exec-header */ som_ex = (struct som_hdr *) bprm->buf; @@ -208,15 +210,27 @@ load_som_binary(struct linux_binprm * bprm, struct pt_regs * regs) size = som_ex->aux_header_size; if (size > SOM_PAGESIZE) goto out; - hpuxhdr = (struct som_exec_auxhdr *) kmalloc(size, GFP_KERNEL); + hpuxhdr = kmalloc(size, GFP_KERNEL); if (!hpuxhdr) goto out; retval = kernel_read(bprm->file, som_ex->aux_header_location, (char *) hpuxhdr, size); + if (retval != size) { + if (retval >= 0) + retval = -EIO; + goto out_free; + } + + files = current->files; /* Refcounted so ok */ + retval = unshare_files(); if (retval < 0) goto out_free; -#error "Fix security hole before enabling me" + if (files == current->files) { + put_files_struct(files); + files = NULL; + } + retval = get_unused_fd(); if (retval < 0) goto out_free;