diff options
author | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2016-08-28 21:12:05 +0200 |
---|---|---|
committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2016-08-28 21:15:39 +0200 |
commit | 1f78ddd5719d50d3af7140066316932ef00044cf (patch) | |
tree | 485095362e9535714886beb375173b7a20423b7b /exec | |
parent | db0f7e843e8de6ed25cf7ad5aa0fb3df2acaef7c (diff) |
Fix exec crash when setexecdata has never been called
or called with a small array.
This notably happens when using a sub-exec, see BZ #48919.
* exec/hashexec.c (check_hashbang): Check std_nports before accessing
std_ports.
Diffstat (limited to 'exec')
-rw-r--r-- | exec/hashexec.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/exec/hashexec.c b/exec/hashexec.c index e53d2eea..6337f0a4 100644 --- a/exec/hashexec.c +++ b/exec/hashexec.c @@ -97,22 +97,24 @@ check_hashbang (struct execdata *e, mach_port_t port = ((which < nports && portarray[which] != MACH_PORT_NULL) ? portarray[which] : - (flags & EXEC_DEFAULTS) ? std_ports[which] - : MACH_PORT_NULL); + (flags & EXEC_DEFAULTS && which < std_nports) + ? std_ports[which] + : MACH_PORT_NULL); /* Reauthenticate dir ports if they are the defaults. */ switch (which) { case INIT_PORT_CRDIR: /* If secure, always use the default root. */ - if ((flags & EXEC_SECURE) || - port == std_ports[which]) + if ((which < std_nports && flags & EXEC_SECURE) || + (which < std_nports && port == std_ports[which])) return (reauthenticate (std_ports[which], &user_crdir) ?: (*operate) (user_crdir)); break; case INIT_PORT_CWDIR: /* If secure, reauthenticate cwd whether default or given. */ - if ((flags & EXEC_SECURE) || port == std_ports[which]) + if ((flags & EXEC_SECURE) || + (which < std_nports && port == std_ports[which])) return (reauthenticate (port, &user_cwdir) ?: (*operate) (user_cwdir)); break; |