r3657 - trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches

Simon Horman horms at costa.debian.org
Mon Aug 1 09:32:10 UTC 2005 

Author: horms
Date: 2005-08-01 09:32:09 +0000 (Mon, 01 Aug 2005)
New Revision: 3657

Modified:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/171_arch-ia64-x86_64-execve-overflow.diff
Log:
update patch - its mostly a regerssion

Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/171_arch-ia64-x86_64-execve-overflow.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/171_arch-ia64-x86_64-execve-overflow.diff	2005-08-01 09:31:10 UTC (rev 3656)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/171_arch-ia64-x86_64-execve-overflow.diff	2005-08-01 09:32:09 UTC (rev 3657)
@@ -15,8 +15,8 @@
 
 Signed-off-by: Andi Kleen <ak at suse.de>
 
-I:100644 100644 d398d537c16b1a744e4bf76136d19d1d80c25099 acfa7e6bb6307923a3c6738b0c498d99c8ce890a M	arch/ia64/ia32/sys_ia32.c
-I:100644 100644 0c43987ce7ab3032b96036c7d9d22b81a22a151f 3692043ab57ab273234a2af15dc2d01560f3297a M	arch/x86_64/ia32/sys_ia32.c
+D:100644 100644 d398d537c16b1a744e4bf76136d19d1d80c25099 acfa7e6bb6307923a3c6738b0c498d99c8ce890a M	arch/ia64/ia32/sys_ia32.c
+R:100644 100644 0c43987ce7ab3032b96036c7d9d22b81a22a151f 3692043ab57ab273234a2af15dc2d01560f3297a M	arch/x86_64/ia32/sys_ia32.c
 
 Key:
 S: Skipped
@@ -24,113 +24,17 @@
 D: Deleted  Manually deleted by subsequent user edit
 R: Revised  Manually revised by subsequent user edit
 
-diff --git a/arch/ia64/ia32/sys_ia32.c b/arch/ia64/ia32/sys_ia32.c
---- a/arch/ia64/ia32/sys_ia32.c
-+++ b/arch/ia64/ia32/sys_ia32.c
-@@ -94,7 +94,7 @@ asmlinkage unsigned long sys_brk(unsigne
- static DECLARE_MUTEX(ia32_mmap_sem);
- 
- static int
--nargs (unsigned int arg, char **ap)
-+nargs (unsigned int arg, char **ap, int max)
- {
- 	unsigned int addr;
- 	int n, err;
-@@ -107,6 +107,8 @@ nargs (unsigned int arg, char **ap)
- 		err = get_user(addr, (unsigned int *)A(arg));
- 		if (err)
- 			return err;
-+		if (n > max)
-+			return -E2BIG;
- 		if (ap)
- 			*ap++ = (char *) A(addr);
- 		arg += sizeof(unsigned int);
-@@ -128,10 +130,11 @@ sys32_execve (char *filename, unsigned i
- 	int na, ne, len;
- 	long r;
- 
--	na = nargs(argv, NULL);
-+	/* Allocates upto 2x MAX_ARG_PAGES */
-+	na = nargs(argv, NULL, (MAX_ARG_PAGES*PAGE_SIZE) / sizeof(char *) - 1);
- 	if (na < 0)
- 		return na;
--	ne = nargs(envp, NULL);
-+	ne = nargs(envp, NULL, (MAX_ARG_PAGES*PAGE_SIZE) / sizeof(char *) - 1 );
- 	if (ne < 0)
- 		return ne;
- 	len = (na + ne + 2) * sizeof(*av);
-@@ -143,10 +146,10 @@ sys32_execve (char *filename, unsigned i
- 	av[na] = NULL;
- 	ae[ne] = NULL;
- 
--	r = nargs(argv, av);
-+	r = nargs(argv, av, na);
- 	if (r < 0)
- 		goto out;
--	r = nargs(envp, ae);
-+	r = nargs(envp, ae, ne);
- 	if (r < 0)
- 		goto out;
- 
+Rediffed for Debian - Horms
+
 diff --git a/arch/x86_64/ia32/sys_ia32.c b/arch/x86_64/ia32/sys_ia32.c
 --- a/arch/x86_64/ia32/sys_ia32.c
 +++ b/arch/x86_64/ia32/sys_ia32.c
-@@ -2200,7 +2200,7 @@ asmlinkage long sys32_ustat(dev_t dev, s
- 	return ret;
- } 
- 
--static int nargs(u32 src, char **dst) 
-+static int nargs(u32 src, char **dst, int max) 
- { 
- 	int cnt;
- 	u32 val; 
-@@ -2210,13 +2210,13 @@ static int nargs(u32 src, char **dst) 
- 		int ret = get_user(val, (__u32 *)(u64)src); 
- 		if (ret)
- 			return ret;
-+		if (cnt > max)
-+			return -E2BIG; 
- 		if (dst)
+@@ -2207,7 +2207,7 @@
  			dst[cnt] = (char *)(u64)val; 
  		cnt++;
  		src += 4;
--		if (cnt >= (MAX_ARG_PAGES * PAGE_SIZE) / sizeof(char *))
--			return -E2BIG; 
--	} while(val); 
-+		} while(val); 
+-		if (cnt > max)
++		if (cnt >= (MAX_ARG_PAGES * PAGE_SIZE) / sizeof(char *))
+ 			return -E2BIG; 
+ 	} while(val); 
  	if (dst)
- 		dst[cnt-1] = 0; 
- 	return cnt; 
-@@ -2230,13 +2230,14 @@ asmlinkage long sys32_execve(char *name,
- 	int ret;
- 	unsigned sz = 0; 
- 	
-+	/* Can actually allocate 2*MAX_ARG_PAGES */
- 	if (argv) {
--	na = nargs(argv, NULL); 
-+	na = nargs(argv, NULL, (MAX_ARG_PAGES * PAGE_SIZE)/sizeof(char*) - 1); 
- 	if (na < 0) 
- 		return -EFAULT; 
- 	} 	
- 	if (envp) { 
--	ne = nargs(envp, NULL); 
-+	ne = nargs(envp, NULL, (MAX_ARG_PAGES * PAGE_SIZE)/sizeof(char*) - 1); 
- 	if (ne < 0) 
- 		return -EFAULT; 
- 	}
-@@ -2252,13 +2253,13 @@ asmlinkage long sys32_execve(char *name,
- 	} 
- 	
- 	if (argv) { 
--	ret = nargs(argv, buf);
-+	ret = nargs(argv, buf, na);
- 	if (ret < 0)
- 		goto free;
- 	}
- 
- 	if (envp) { 
--	ret = nargs(envp, buf + na); 
-+	ret = nargs(envp, buf + na, ne); 
- 	if (ret < 0)
- 		goto free; 
- 	}

More information about the Kernel-svn-changes mailing list