
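--- a/fs/binfmt_aout.c
+++ b/fs/binfmt_aout.c
@@ -230,6 +230,9 @@ static unsigned long * create_aout_table
 #endif
 	put_user(argc,--sp);
 	current->mm->arg_start = (unsigned long) p;
+	current->mm->arg_end = 0UL;
+	current->mm->env_start = 0UL;
+	current->mm->env_end = 0UL;
 	while (argc-->0) {
 		char c;
 		put_user(p,argv++);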
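Review bot: `current->mm->arg_start` is assigned before `arg_end`, `env_start` and `env_end` are cleared, so between those stores a concurrent reader can still pair the new `arg_start` with whatever `arg_end` held before (assuming the mm can carry values over from the previous image, which is not visible here). Moving `current->mm->arg_end = 0UL;` and the two env stores above the `arg_start` assignment would remove that ordering gap. Nothing in the hunk orders the stores for a reader on another CPU, so a comment naming the lock or barrier that readers rely on is worth adding next to the zeroing. The same sequence appears in the first hunk of fs/binfmt_elf.c. The function continues outside the hunk, so the later stores that make these fields valid again are not visible.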
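--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -216,6 +216,9 @@ create_elf_tables(char *p, int argc, int
 
 	__put_user((elf_addr_t)argc,--sp);
 	current->mm->arg_start = (unsigned long) p;
+	current->mm->arg_end = 0UL;
+	current->mm->env_start = 0UL;
+	current->mm->env_end = 0UL;
 	while (argc-->0) {
 		__put_user((elf_caddr_t)(unsigned long)p,argv++);
 		len = strnlen_user(p, PAGE_SIZE*MAX_ARG_PAGES);
@@ -1104,8 +1107,8 @@ static int elf_core_dump(long signr, str
 
 	/* first copy the parameters from user space */
 	memset(&psinfo, 0, sizeof(psinfo));
-	{
-		int i, len;
+	if (current->mm->arg_end) {
+		unsigned int int i, len;
 
 		len = current->mm->arg_end - current->mm->arg_start;
 		if (len >= ELF_PRARGSZ)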
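Review bot: The new declaration in elf_core_dump, `unsigned int int i, len;`, repeats the type specifier and will not compile; it should read `unsigned int i, len;`. That also makes `i` unsigned, which changes any loop or comparison using it further down, outside the hunk; if only `len` needs to be unsigned, declare them separately as `int i;` and `unsigned int len;`. The new guard tests only that `arg_end` is non-zero, so with `len` unsigned an `arg_end` below `arg_start` wraps to a large value and relies on the `len >= ELF_PRARGSZ` clamp. A one-line comment saying that this is intended would help the next reader.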
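--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -174,11 +174,15 @@ static int proc_pid_environ(struct task_
 
 	task_lock(task);
 	mm = task->mm;
-	if (mm)
-		atomic_inc(&mm->mm_users);
+	if (mm) {
+ 		if (mm->env_end)
+ 			atomic_inc(&mm->mm_users);
+ 		else
+ 			mm = NULL;
+ 	}
 	task_unlock(task);
 	if (mm && mm->env_start && mm->env_start < mm->env_end) {
-		int len = mm->env_end - mm->env_start;
+		unsigned int len = mm->env_end - mm->env_start;
 		if (len > PAGE_SIZE)
 			len = PAGE_SIZE;
 		res = access_process_vm(task, mm->env_start, buffer, len, 0);
@@ -218,8 +222,7 @@ static int proc_pid_cmdline(struct task_
 		// If the nul at the end of args has been overwritten, then
 		// assume application is using setproctitle(3).
 
-		if ( res > 0 && buffer[res-1] != '\0' )
-		{
+		if ( res > 0 && buffer[res-1] != '\0' && mm->env_end) {
 			len = strnlen( buffer, res );
 			if ( len < res )
 			{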
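Review bot: In proc_pid_environ the `mm->env_end` test runs under `task_lock`, but `mm->env_start` and `mm->env_end` are read again after `task_unlock(task)` for the range check and the length, so the values passed to `access_process_vm` need not be the ones that were tested. Taking one snapshot while the lock is held, e.g. `unsigned long start = mm->env_start, end = mm->env_end;`, and using `start`/`end` for the check, `len` and the read would make the test and the use agree. Whether the exec-side writers are serialised against this lock is not visible in the hunk. In proc_pid_cmdline the added `&& mm->env_end` dereferences `mm` inside a block that starts outside the hunk, so confirm `mm` is non-NULL and still referenced at that point. The lines added in the first hunk are indented with a space before the tabs, unlike the surrounding code.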
