summaryrefslogtreecommitdiff
path: root/exec/hashexec.c
diff options
context:
space:
mode:
authorSamuel Thibault <samuel.thibault@ens-lyon.org>2016-08-28 21:12:05 +0200
committerSamuel Thibault <samuel.thibault@ens-lyon.org>2016-08-28 21:15:39 +0200
commit1f78ddd5719d50d3af7140066316932ef00044cf (patch)
tree485095362e9535714886beb375173b7a20423b7b /exec/hashexec.c
parentdb0f7e843e8de6ed25cf7ad5aa0fb3df2acaef7c (diff)
Fix exec crash when setexecdata has never been called
or called with a small array. This notably happens when using a sub-exec, see BZ #48919. * exec/hashexec.c (check_hashbang): Check std_nports before accessing std_ports.
Diffstat (limited to 'exec/hashexec.c')
-rw-r--r--exec/hashexec.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/exec/hashexec.c b/exec/hashexec.c
index e53d2eea..6337f0a4 100644
--- a/exec/hashexec.c
+++ b/exec/hashexec.c
@@ -97,22 +97,24 @@ check_hashbang (struct execdata *e,
mach_port_t port = ((which < nports &&
portarray[which] != MACH_PORT_NULL)
? portarray[which] :
- (flags & EXEC_DEFAULTS) ? std_ports[which]
- : MACH_PORT_NULL);
+ (flags & EXEC_DEFAULTS && which < std_nports)
+ ? std_ports[which]
+ : MACH_PORT_NULL);
/* Reauthenticate dir ports if they are the defaults. */
switch (which)
{
case INIT_PORT_CRDIR:
/* If secure, always use the default root. */
- if ((flags & EXEC_SECURE) ||
- port == std_ports[which])
+ if ((which < std_nports && flags & EXEC_SECURE) ||
+ (which < std_nports && port == std_ports[which]))
return (reauthenticate (std_ports[which], &user_crdir) ?:
(*operate) (user_crdir));
break;
case INIT_PORT_CWDIR:
/* If secure, reauthenticate cwd whether default or given. */
- if ((flags & EXEC_SECURE) || port == std_ports[which])
+ if ((flags & EXEC_SECURE) ||
+ (which < std_nports && port == std_ports[which]))
return (reauthenticate (port, &user_cwdir) ?:
(*operate) (user_cwdir));
break;