diff options
| author | Edmund Wu <fangkazuto@gmail.com> | 2019-02-14 18:16:17 -0500 |
|---|---|---|
| committer | Tim Steinbach <NeQuissimus@users.noreply.github.com> | 2019-02-14 21:01:00 -0500 |
| commit | f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7 (patch) | |
| tree | 437b588fd3b1b607f1bd7e9366b5bab44320a9ea /pkgs/os-specific | |
| parent | 13d1ba3439c91a187ae92e3f158c7c556b4f8c70 (diff) | |
| download | nixlib-f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7.tar nixlib-f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7.tar.gz nixlib-f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7.tar.bz2 nixlib-f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7.tar.lz nixlib-f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7.tar.xz nixlib-f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7.tar.zst nixlib-f0b8a113dd04f1b973beb1d6a1675978aa2b2cc7.zip | |
linux: allow for interpreter to be truncated
via https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb5b020a8d38f77209d0472a0fea755299a8ec78 see https://github.com/NixOS/nixpkgs/issues/53672
Diffstat (limited to 'pkgs/os-specific')
| -rw-r--r-- | pkgs/os-specific/linux/kernel/interpreter-trunc.patch | 44 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/patches.nix | 7 |
2 files changed, 51 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/kernel/interpreter-trunc.patch b/pkgs/os-specific/linux/kernel/interpreter-trunc.patch new file mode 100644 index 000000000000..a0eceec2258f --- /dev/null +++ b/pkgs/os-specific/linux/kernel/interpreter-trunc.patch @@ -0,0 +1,44 @@ +From cb5b020a8d38f77209d0472a0fea755299a8ec78 Mon Sep 17 00:00:00 2001 +From: Linus Torvalds <torvalds@linux-foundation.org> +Date: Thu, 14 Feb 2019 15:02:18 -0800 +Subject: Revert "exec: load_script: don't blindly truncate shebang string" + +This reverts commit 8099b047ecc431518b9bb6bdbba3549bbecdc343. + +It turns out that people do actually depend on the shebang string being +truncated, and on the fact that an interpreter (like perl) will often +just re-interpret it entirely to get the full argument list. + +Reported-by: Samuel Dionne-Riel <samuel@dionne-riel.com> +Acked-by: Kees Cook <keescook@chromium.org> +Cc: Oleg Nesterov <oleg@redhat.com> +Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> +--- + fs/binfmt_script.c | 10 +++------- + 1 file changed, 3 insertions(+), 7 deletions(-) + +diff --git a/fs/binfmt_script.c b/fs/binfmt_script.c +index d0078cbb718b..7cde3f46ad26 100644 +--- a/fs/binfmt_script.c ++++ b/fs/binfmt_script.c +@@ -42,14 +42,10 @@ static int load_script(struct linux_binprm *bprm) + fput(bprm->file); + bprm->file = NULL; + +- for (cp = bprm->buf+2;; cp++) { +- if (cp >= bprm->buf + BINPRM_BUF_SIZE) +- return -ENOEXEC; +- if (!*cp || (*cp == '\n')) +- break; +- } ++ bprm->buf[BINPRM_BUF_SIZE - 1] = '\0'; ++ if ((cp = strchr(bprm->buf, '\n')) == NULL) ++ cp = bprm->buf+BINPRM_BUF_SIZE-1; + *cp = '\0'; +- + while (cp > bprm->buf) { + cp--; + if ((*cp == ' ') || (*cp == '\t')) +-- +cgit 1.2-0.3.lf.el7 + diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index 4c338b37deca..18fd311ca067 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -57,4 +57,11 @@ rec { sha256 = "1l8xq02rd7vakxg52xm9g4zng0ald866rpgm8kjlh88mwwyjkrwv"; }; }; + + # https://github.com/NixOS/nixpkgs/issues/53672 + # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb5b020a8d38f77209d0472a0fea755299a8ec78 + interpreter-trunc = { + name = "interpreter-trunc"; + patch = ./interpreter-trunc.patch; + }; } |