Eliminate the prefix parameter to linux_emul_find(), which was always

linux_emul_path anyway.  Linux_emul_find() has interesting bugs in its
prefix handling (which luckily are not currently exploitable); this
commit is preliminary to an attempt at cleaning it up.

Approved by:	marcel
This commit is contained in:
Dag-Erling Smørgrav 2001-10-27 11:15:19 +00:00
parent 9ca45e813c
commit a08d68de5b
4 changed files with 9 additions and 11 deletions

View File

@ -153,8 +153,8 @@ exec_linux_imgact_try(imgp)
if ((error = exec_shell_imgact(imgp)) == 0) {
char *rpath = NULL;
linux_emul_find(&imgp->proc->p_thread, NULL,/* XXXKSE */
linux_emul_path, imgp->interpreter_name, &rpath, 0);
linux_emul_find(&imgp->proc->p_thread, NULL,
imgp->interpreter_name, &rpath, 0);
if (rpath != imgp->interpreter_name) {
int len = strlen(rpath) + 1;

View File

@ -50,10 +50,9 @@ const char linux_emul_path[] = "/compat/linux";
* be in exists.
*/
int
linux_emul_find(td, sgp, prefix, path, pbuf, cflag)
linux_emul_find(td, sgp, path, pbuf, cflag)
struct thread *td;
caddr_t *sgp; /* Pointer to stackgap memory */
const char *prefix;
char *path;
char **pbuf;
int cflag;
@ -63,15 +62,16 @@ linux_emul_find(td, sgp, prefix, path, pbuf, cflag)
struct vattr vat;
struct vattr vatroot;
int error;
const char *prefix;
char *ptr, *buf, *cp;
size_t sz, len;
buf = (char *) malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
*pbuf = path;
prefix = linux_emul_path;
for (ptr = buf; (*ptr = *prefix) != '\0'; ptr++, prefix++)
continue;
sz = MAXPATHLEN - (ptr - buf);
/*

View File

@ -76,15 +76,13 @@ stackgap_alloc(sgp, sz)
extern const char linux_emul_path[];
int linux_emul_find __P((struct thread *, caddr_t *, const char *, char *,
char **, int));
int linux_emul_find __P((struct thread *, caddr_t *, char *, char **, int));
#define CHECKALT(p, sgp, path, i) \
do { \
int _error; \
\
_error = linux_emul_find(p, sgp, linux_emul_path, path, \
&path, i); \
_error = linux_emul_find(p, sgp, path, &path, i); \
if (_error == EFAULT) \
return (_error); \
} while (0)

View File

@ -745,13 +745,13 @@ exec_linux_imgact_try(imgp)
if ((error = exec_shell_imgact(imgp)) == 0) {
char *rpath = NULL;
linux_emul_find(&imgp->proc->p_thread, NULL, linux_emul_path,
linux_emul_find(&imgp->proc->p_thread, NULL,
imgp->interpreter_name, &rpath, 0);
if (rpath != imgp->interpreter_name) {
int len = strlen(rpath) + 1;
if (len <= MAXSHELLCMDLEN) {
memcpy(imgp->interpreter_name, rpath, len);
memcpy(imgp->interpreter_name, rpath, len);
}
free(rpath, M_TEMP);
}