Diffusion FreeBSD src repository 00d17cf342cd

elf_note_prpsinfo: handle more failures from proc_getargv()
00d17cf342cd
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

elf_note_prpsinfo: handle more failures from proc_getargv()

Resulting sbuf_len() from proc_getargv() might return 0 if user mangled
ps_strings enough. Also, sbuf_len() API contract is to return -1 if the
buffer overflowed. The later should not occur because get_ps_strings()
checks for catenated length, but check for this subtle detail explicitly
as well to be more resilent.

The end result is that p_comm is used in this situations.

Approved by: so
Security: FreeBSD-SA-22:09.elf
Reported by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Reviewed by: delphij, markj
admbugs: 988
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35391

Details

Provenance

kib	Authored on Jun 3 2022, 8:21 AM
markj	Committed on Aug 9 2022, 7:44 PM

Reviewer

Differential Revision

Restricted Differential Revision

Parents

rG6b6367ba8fd2: release: ensure enforce_chs sysctl is 0

Branches

Unknown

Tags

Unknown

Event Timeline

markj committed rG00d17cf342cd: elf_note_prpsinfo: handle more failures from proc_getargv() (authored by kib).Aug 9 2022, 7:44 PM

markj added an edge: Restricted Differential Revision.Aug 9 2022, 7:57 PM

markj mentioned this in rG8a44a2c644fc: elf_note_prpsinfo: handle more failures from proc_getargv().

markj mentioned this in rG2170511d491b: elf_note_prpsinfo: handle more failures from proc_getargv().

markj mentioned this in rG0aa6d8576d9e: elf_note_prpsinfo: handle more failures from proc_getargv().

markj mentioned this in rG056ffc74a769: elf_note_prpsinfo: handle more failures from proc_getargv().Aug 9 2022, 8:01 PM

markj mentioned this in rG69a456c0b60b: elf_note_prpsinfo: handle more failures from proc_getargv().

Changes (2)

Path

Size

sys/

compat/

linux/

kern/

rG00d17cf342cd

sys/compat/linux/linux_elf.c

Loading...

sys/kern/imgact_elf.c

Loading...