17 Oct, 2008

1 commit

  • binfmt_script and binfmt_misc disallow recursion to avoid stack overflow
    using sh_bang and misc_bang. It causes problem in some cases:

    $ echo '#!/bin/ls' > /tmp/t0
    $ echo '#!/tmp/t0' > /tmp/t1
    $ echo '#!/tmp/t1' > /tmp/t2
    $ chmod +x /tmp/t*
    $ /tmp/t2
    zsh: exec format error: /tmp/t2

    Similar problem with binfmt_misc.

    This patch introduces field 'recursion_depth' into struct linux_binprm to
    track recursion level in binfmt_misc and binfmt_script. If recursion
    level more then BINPRM_MAX_RECURSION it generates -ENOEXEC.

    [akpm@linux-foundation.org: make linux_binprm.recursion_depth a uint]
    Signed-off-by: Kirill A. Shutemov
    Cc: Pavel Emelyanov
    Cc: Alexander Viro
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Kirill A. Shutemov
     

29 Apr, 2008

1 commit

  • This can be triggered with root help only, but...

    Register the ":text:E::txt::/root/cat.txt:' rule in binfmt_misc (by root) and
    try launching the cat.txt file (by anyone) :) The result is - the endless
    recursion in the load_misc_binary -> open_exec -> load_misc_binary chain and
    stack overflow.

    There's a similar problem with binfmt_script, and there's a sh_bang memner on
    linux_binprm structure to handle this, but simply raising this in binfmt_misc
    may break some setups when the interpreter of some misc binaries is a script.

    So the proposal is to turn sh_bang into a bit, add a new one (the misc_bang)
    and raise it in load_misc_binary. After this, even if we set up the misc ->
    script -> misc loop for binfmts one of them will step on its own bang and
    exit.

    Signed-off-by: Pavel Emelyanov
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Pavel Emelyanov
     

20 Oct, 2007

1 commit

  • * Convert files to UTF-8.

    * Also correct some people's names
    (one example is Eißfeldt, which was found in a source file.
    Given that the author used an ß at all in a source file
    indicates that the real name has in fact a 'ß' and not an 'ss',
    which is commonly used as a substitute for 'ß' when limited to
    7bit.)

    * Correct town names (Goettingen -> Göttingen)

    * Update Eberhard Mönkeberg's address (http://lkml.org/lkml/2007/1/8/313)

    Signed-off-by: Jan Engelhardt
    Signed-off-by: Adrian Bunk

    Jan Engelhardt
     

20 Jul, 2007

1 commit

  • Remove the arg+env limit of MAX_ARG_PAGES by copying the strings directly from
    the old mm into the new mm.

    We create the new mm before the binfmt code runs, and place the new stack at
    the very top of the address space. Once the binfmt code runs and figures out
    where the stack should be, we move it downwards.

    It is a bit peculiar in that we have one task with two mm's, one of which is
    inactive.

    [a.p.zijlstra@chello.nl: limit stack size]
    Signed-off-by: Ollie Wild
    Signed-off-by: Peter Zijlstra
    Cc:
    Cc: Hugh Dickins
    [bunk@stusta.de: unexport bprm_mm_init]
    Signed-off-by: Adrian Bunk
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Ollie Wild
     

09 May, 2007

1 commit


17 Apr, 2005

1 commit

  • Initial git repository build. I'm not bothering with the full history,
    even though we have it. We can create a separate "historical" git
    archive of that later if we want to, and in the meantime it's about
    3.2GB when imported into git - space that would just make the early
    git days unnecessarily complicated, when we don't have a lot of good
    infrastructure for it.

    Let it rip!

    Linus Torvalds