linux: allow for interpreter to be truncated
via https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb5b020a8d38f77209d0472a0fea755299a8ec78 see https://github.com/NixOS/nixpkgs/issues/53672
This commit is contained in:
parent
13d1ba3439
commit
f0b8a113dd
3 changed files with 56 additions and 0 deletions
44
pkgs/os-specific/linux/kernel/interpreter-trunc.patch
Normal file
44
pkgs/os-specific/linux/kernel/interpreter-trunc.patch
Normal file
|
@ -0,0 +1,44 @@
|
|||
From cb5b020a8d38f77209d0472a0fea755299a8ec78 Mon Sep 17 00:00:00 2001
|
||||
From: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Date: Thu, 14 Feb 2019 15:02:18 -0800
|
||||
Subject: Revert "exec: load_script: don't blindly truncate shebang string"
|
||||
|
||||
This reverts commit 8099b047ecc431518b9bb6bdbba3549bbecdc343.
|
||||
|
||||
It turns out that people do actually depend on the shebang string being
|
||||
truncated, and on the fact that an interpreter (like perl) will often
|
||||
just re-interpret it entirely to get the full argument list.
|
||||
|
||||
Reported-by: Samuel Dionne-Riel <samuel@dionne-riel.com>
|
||||
Acked-by: Kees Cook <keescook@chromium.org>
|
||||
Cc: Oleg Nesterov <oleg@redhat.com>
|
||||
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
---
|
||||
fs/binfmt_script.c | 10 +++-------
|
||||
1 file changed, 3 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/fs/binfmt_script.c b/fs/binfmt_script.c
|
||||
index d0078cbb718b..7cde3f46ad26 100644
|
||||
--- a/fs/binfmt_script.c
|
||||
+++ b/fs/binfmt_script.c
|
||||
@@ -42,14 +42,10 @@ static int load_script(struct linux_binprm *bprm)
|
||||
fput(bprm->file);
|
||||
bprm->file = NULL;
|
||||
|
||||
- for (cp = bprm->buf+2;; cp++) {
|
||||
- if (cp >= bprm->buf + BINPRM_BUF_SIZE)
|
||||
- return -ENOEXEC;
|
||||
- if (!*cp || (*cp == '\n'))
|
||||
- break;
|
||||
- }
|
||||
+ bprm->buf[BINPRM_BUF_SIZE - 1] = '\0';
|
||||
+ if ((cp = strchr(bprm->buf, '\n')) == NULL)
|
||||
+ cp = bprm->buf+BINPRM_BUF_SIZE-1;
|
||||
*cp = '\0';
|
||||
-
|
||||
while (cp > bprm->buf) {
|
||||
cp--;
|
||||
if ((*cp == ' ') || (*cp == '\t'))
|
||||
--
|
||||
cgit 1.2-0.3.lf.el7
|
||||
|
|
@ -57,4 +57,11 @@ rec {
|
|||
sha256 = "1l8xq02rd7vakxg52xm9g4zng0ald866rpgm8kjlh88mwwyjkrwv";
|
||||
};
|
||||
};
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/issues/53672
|
||||
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb5b020a8d38f77209d0472a0fea755299a8ec78
|
||||
interpreter-trunc = {
|
||||
name = "interpreter-trunc";
|
||||
patch = ./interpreter-trunc.patch;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -14576,6 +14576,7 @@ in
|
|||
# when adding a new linux version
|
||||
kernelPatches.cpu-cgroup-v2."4.11"
|
||||
kernelPatches.modinst_arg_list_too_long
|
||||
kernelPatches.interpreter-trunc
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -14583,6 +14584,7 @@ in
|
|||
kernelPatches =
|
||||
[ kernelPatches.bridge_stp_helper
|
||||
kernelPatches.modinst_arg_list_too_long
|
||||
kernelPatches.interpreter-trunc
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -14590,6 +14592,7 @@ in
|
|||
kernelPatches =
|
||||
[ kernelPatches.bridge_stp_helper
|
||||
kernelPatches.modinst_arg_list_too_long
|
||||
kernelPatches.interpreter-trunc
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -14597,6 +14600,7 @@ in
|
|||
kernelPatches = [
|
||||
kernelPatches.bridge_stp_helper
|
||||
kernelPatches.modinst_arg_list_too_long
|
||||
kernelPatches.interpreter-trunc
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -14611,6 +14615,7 @@ in
|
|||
kernelPatches = [
|
||||
kernelPatches.bridge_stp_helper
|
||||
kernelPatches.modinst_arg_list_too_long
|
||||
kernelPatches.interpreter-trunc
|
||||
];
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue