git.baikalelectronics.ru Git - kernel.git/commit

author	Nick Piggin <npiggin@suse.de>
	Tue, 8 May 2007 07:25:16 +0000 (00:25 -0700)
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>
	Tue, 8 May 2007 18:15:00 +0000 (11:15 -0700)
commit	4d4865bf7b4741cb0485aa307142247d340622b8
tree	f2169f152113af815e69d74ca40c282439e7c3f6	tree \| snapshot
parent	98b52d4cc985d2322f3b0bc85fb764bfe9710d17	commit \| diff

exec: fix remove_arg_zero

Petr Tesarik discovered a problem in remove_arg_zero(). He writes:

When a script is loaded, load_script() replaces argv[0] with the
name of the interpreter and the filename passed to the exec syscall.
However, there is no guarantee that the length of the interpreter
name plus the length of the filename is greater than the length of
the original argv[0]. If the difference happens to cross a page boundary,
setup_arg_pages() will call put_dirty_page() [aka install_arg_page()]
with an address outside the VMA.

Therefore, remove_arg_zero() must free all pages which would be unused
after the argument is removed.

So, rewrite the remove_arg_zero function without gotos, with a few comments,
and with the commonly used explicit index/offset. This fixes the problem
and makes it easier to understand as well.

[a.p.zijlstra@chello.nl: add comment]
Signed-off-by: Nick Piggin <npiggin@suse.de>
Cc: Petr Tesarik <ptesarik@suse.cz>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>