projects
/
GitHub
/
mt8127
/
android_kernel_alcatel_ttab.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog
[GitHub/mt8127/android_kernel_alcatel_ttab.git]
/
fs
/
binfmt_aout.c
diff --git
a/fs/binfmt_aout.c
b/fs/binfmt_aout.c
index f312103434d4594fcd8d532c90bb8b4cf4698289..517e111bb7ef4acbb94f95fb560cb4c2734f4d5b 100644
(file)
--- a/
fs/binfmt_aout.c
+++ b/
fs/binfmt_aout.c
@@
-278,6
+278,13
@@
static int load_aout_binary(struct linux_binprm * bprm, struct pt_regs * regs)
return -ENOEXEC;
}
return -ENOEXEC;
}
+ /*
+ * Requires a mmap handler. This prevents people from using a.out
+ * as part of an exploit attack against /proc-related vulnerabilities.
+ */
+ if (!bprm->file->f_op || !bprm->file->f_op->mmap)
+ return -ENOEXEC;
+
fd_offset = N_TXTOFF(ex);
/* Check initial limits. This avoids letting people circumvent
fd_offset = N_TXTOFF(ex);
/* Check initial limits. This avoids letting people circumvent
@@
-476,6
+483,13
@@
static int load_aout_library(struct file *file)
goto out;
}
goto out;
}
+ /*
+ * Requires a mmap handler. This prevents people from using a.out
+ * as part of an exploit attack against /proc-related vulnerabilities.
+ */
+ if (!file->f_op || !file->f_op->mmap)
+ goto out;
+
if (N_FLAGS(ex))
goto out;
if (N_FLAGS(ex))
goto out;