From 90bab90832d1f3863d8345bcc2a2e5f59c270af8 Mon Sep 17 00:00:00 2001 From: rsc Date: Sun, 31 May 2009 02:11:27 +0000 Subject: [PATCH] exec sanity check --- exec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exec.c b/exec.c index 98c5d4c..1c653de 100644 --- a/exec.c +++ b/exec.c @@ -62,7 +62,7 @@ exec(char *path, char **argv) goto bad; if(ph.type != ELF_PROG_LOAD) continue; - if(ph.va + ph.memsz > sz) + if(ph.va + ph.memsz < ph.va || ph.va + ph.memsz > sz || ph.memsz < ph.filesz) goto bad; if(readi(ip, mem + ph.va, ph.offset, ph.filesz) != ph.filesz) goto bad;