• Kees Cook's avatar
    exec: load_script: Do not exec truncated interpreter path · b5372fe5
    Kees Cook authored
    Commit 8099b047 ("exec: load_script: don't blindly truncate
    shebang string") was trying to protect against a confused exec of a
    truncated interpreter path. However, it was overeager and also refused
    to truncate arguments as well, which broke userspace, and it was
    reverted. This attempts the protection again, but allows arguments to
    remain truncated. In an effort to improve readability, helper functions
    and comments have been added.
    Co-developed-by: 's avatarLinus Torvalds <torvalds@linux-foundation.org>
    Signed-off-by: 's avatarKees Cook <keescook@chromium.org>
    Cc: Andrew Morton <akpm@linux-foundation.org>
    Cc: Oleg Nesterov <oleg@redhat.com>
    Cc: Samuel Dionne-Riel <samuel@dionne-riel.com>
    Cc: Richard Weinberger <richard.weinberger@gmail.com>
    Cc: Graham Christensen <graham@grahamc.com>
    Cc: Michal Hocko <mhocko@suse.com>
    Signed-off-by: 's avatarLinus Torvalds <torvalds@linux-foundation.org>
    b5372fe5
binfmt_script.c 4.34 KB