mirrors/tinycc
1
0
Fork 0
mirror of https://github.com/frida/tinycc synced 2024-11-27 18:19:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix argv/environ bound checking

Browse Source
This commit is contained in:
herman ten brugge 2020-08-11 08:39:12 +02:00
parent 8b8e714517
commit 70b16cb7f8
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/bcheck.c
View File

@ -945,7 +945,7 @@ __bound_main_arg(int argc, char **argv, char **envp)
WAIT_SEM ();
for (i = 0; i < argc; i++)
tree = splay_insert((size_t) argv[i], strlen (argv[i]) + 1, tree);
tree = splay_insert((size_t) argv, argc * sizeof(char *), tree);
tree = splay_insert((size_t) argv, (argc + 1) * sizeof(char *), tree);
POST_SEM ();
#if BOUND_DEBUG
if (print_calls) {
@ -954,7 +954,7 @@ __bound_main_arg(int argc, char **argv, char **envp)
__FILE__, __FUNCTION__,
argv[i], (unsigned long)(strlen (argv[i]) + 1));
dprintf(stderr, "%s, %s(): argv %p 0x%lx\n",
__FILE__, __FUNCTION__, argv, argc * sizeof(char *));
__FILE__, __FUNCTION__, argv, (argc + 1) * sizeof(char *));
}
#endif
}
@ -967,7 +967,7 @@ __bound_main_arg(int argc, char **argv, char **envp)
tree = splay_insert((size_t) *p, strlen (*p) + 1, tree);
++p;
}
tree = splay_insert((size_t) envp, p - envp, tree);
tree = splay_insert((size_t) envp, (++p - envp) * sizeof(char *), tree);
POST_SEM ();
#if BOUND_DEBUG
if (print_calls) {
@ -979,7 +979,7 @@ __bound_main_arg(int argc, char **argv, char **envp)
++p;
}
dprintf(stderr, "%s, %s(): environ %p 0x%lx\n",
__FILE__, __FUNCTION__, envp, p - envp);
__FILE__, __FUNCTION__, envp, (++p - envp) * sizeof(char *));
}
#endif
}