| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20101004135524.E8A5.A69D9226@jp.fujitsu.com>
Date: Mon, 4 Oct 2010 13:59:59 +0900 (JST)
From: KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>
To: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Cc: kosaki.motohiro@...fujitsu.com, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: Is it legal to return positive value when do_execve() succeeds?
> Thus, TASK_SIZE == 0xC0000000.
>
> fs/binfmt_elf.c:
> 77 #define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE)
> 78
> 79 static int set_brk(unsigned long start, unsigned long end)
> 80 {
> 81 start = ELF_PAGEALIGN(start);
> 82 end = ELF_PAGEALIGN(end);
> 83 if (end > start) {
> 84 unsigned long addr;
> 85 down_write(¤t->mm->mmap_sem);
> 86 addr = do_brk(start, end - start);
> 87 up_write(¤t->mm->mmap_sem);
> 88 if (BAD_ADDR(addr))
> 89 return addr;
> 90 }
> 91 current->mm->start_brk = current->mm->brk = end;
> 92 return 0;
> 93 }
>
> Thus, BAD_ADDR(x) is ((unsigned long)(x) >= 0xC0000000).
Can do_brk() return BAD_ADDR() _and_ !IS_ERR_VALUE() value? when?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists