Skip to content
Permalink
Browse files

Stack can grow in either direction, so needs signed subtraction and a…

…bs().

Both positive and both negative should work, even crossing midpoint (which
should never happen on linux) works in two's complement.
  • Loading branch information...
landley committed Sep 21, 2018
1 parent 2b8a976 commit 3f98870c621d574cbcbb97a6601229cfc1781c7b
Showing with 3 additions and 1 deletion.
  1. +3 −1 main.c
4 main.c
@@ -156,8 +156,10 @@ void toy_exec_which(struct toy_list *which, char *argv[])

// Compiler writers have decided subtracting char * is undefined behavior,
// so convert to integers. (LP64 says sizeof(long)==sizeof(pointer).)
// Signed typecast so stack growth direction is irrelevant: we're measuring
// the distance between two pointers on the same stack, hence the labs().
if (!CFG_TOYBOX_NORECURSE && toys.stacktop)
if (labs((unsigned long)toys.stacktop-(unsigned long)&which)>6000) return;
if (labs((long)toys.stacktop-(long)&which)>6000) return;

// Return if we need to re-exec to acquire root via suid bit.
if (toys.which && (which->flags&TOYFLAG_ROOTONLY) && toys.wasroot) return;

0 comments on commit 3f98870

Please sign in to comment.
You can’t perform that action at this time.