Hmm, I don't have much knowledge about ELF. I just copied that loop from
another part of binfmt_elf and to the same check as in binfmt_aout.
> of the text from the brk to find the amount of allocated vm in between
> -- there may be large holes. Second, the PF_X test penalizes read-only
> data sections if they happen to have their own Phdr.
>
> A good substitute might be
>
> ...
Thanks. Here's my second try. Besidess, shouldn't it be possible to set the
limit on a per user base?
Michael
--- linux/fs/binfmt_elf.c.old Wed Jun 12 10:09:48 1996
+++ linux/fs/binfmt_elf.c Fri Jun 14 13:30:33 1996
@@ -7,6 +7,7 @@
* Tools".
*
* Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
+ * Added resource limits check: Michael Meskes (meskes@informatik.rwth-aachen.de)
*/
#include <linux/module.h>
@@ -351,8 +352,9 @@
unsigned int elf_entry, interp_load_addr = 0;
int status;
unsigned int start_code, end_code, end_data;
- unsigned int elf_stack;
+ unsigned int elf_stack, datasize;
char passed_fileno[6];
+ unsigned long rlim;
ibcs2_interpreter = 0;
status = 0;
@@ -515,6 +517,23 @@
return -E2BIG;
}
}
+
+ /* MM: Check if we extend resource limits */
+ /* Check proposed by Richard Henderson <rth@tamu.edu> */
+ rlim = current->rlim[RLIMIT_DATA].rlim_cur;
+ if (rlim >= RLIM_INFINITY)
+ rlim = ~0;
+ elf_ppnt = elf_phdata;
+ datasize = 0;
+ for(i=0;i < elf_ex.e_phnum; i++){
+ if(elf_ppnt->p_flags & PF_W) {
+ unsigned int new_data_size = datasize + elf_ppnt->p_memsz;
+ if (new_data_size > rlim || new_data_size < datasize)
+ return -ENOMEM;
+ }
+ elf_ppnt++;
+ }
+ /* MM: End */
/* OK, This is the point of no return */
flush_old_exec(bprm);
-- Michael Meskes | _____ ________ __ ____ meskes@informatik.rwth-aachen.de | / ___// ____/ // / / __ \___ __________ meskes@sanet.de | \__ \/ /_ / // /_/ /_/ / _ \/ ___/ ___/ meskes@debian.org | ___/ / __/ /__ __/\__, / __/ / (__ ) Use Debian Linux! | /____/_/ /_/ /____/\___/_/ /____/