[PATCH 0/5] exec: binfmt_misc: fix use-after-free, kill iname[BINPRM_BUF_SIZE]

From: Oleg Nesterov
Date: Fri Sep 22 2017 - 10:36:30 EST

Next message: Colin King: "[PATCH] hwmon: (w83793): make const array watchdog_minors static, reduces object code size"
Previous message: Paolo Valente: "Re: [PATCH V6 00/18] blk-throttle: add .low limit"
Next in thread: Oleg Nesterov: "[PATCH 1/5] exec: binfmt_misc: don't nullify Node->dentry in kill_node()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Note: 5/5 depends on

-extern int bprm_change_interp(char *interp, struct linux_binprm *bprm);
+extern int bprm_change_interp(const char *interp, struct linux_binprm *bprm);

change in

[PATCH] exec: load_script: kill the onstack interp[BINPRM_BUF_SIZE] array
https://marc.info/?l=linux-kernel&m=150575251328591

I sent before.

Looks like this code was always wrong, then 948b701a607f ("binfmt_misc: add persistent
opened binary handler for containers") added more problems.

Oleg.

fs/binfmt_misc.c | 56 ++++++++++++++++++++++++++------------------------------
1 file changed, 26 insertions(+), 30 deletions(-)

Next message: Colin King: "[PATCH] hwmon: (w83793): make const array watchdog_minors static, reduces object code size"
Previous message: Paolo Valente: "Re: [PATCH V6 00/18] blk-throttle: add .low limit"
Next in thread: Oleg Nesterov: "[PATCH 1/5] exec: binfmt_misc: don't nullify Node->dentry in kill_node()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]