From: Olivier Dion <d...@linutronix.de> If not handled, QEMU will execve itself instead of the emulated process. This could result in a potential security risk.
Signed-off-by: Olivier Dion <d...@linutronix.de>
---
linux-user/syscall.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 8367cb138d..1a475896a6 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7504,7 +7504,18 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
 * before the execve completes and makes it the other
 * program's problem.
 */
- ret = get_errno(safe_execve(p, argp, envp));
+ {
+ const char *pathname = p;
+ char real_path[PATH_MAX];
+ if (is_proc_myself(pathname, "exe")) {
+ if (NULL == realpath(exec_path, real_path)) {
+ ret = get_errno(-1);
+ goto execve_efault;
+ }
+ pathname = real_path;
+ }
+ ret = get_errno(safe_execve(pathname, argp, envp));
+ }
 unlock_user(p, arg1, 0);
 goto execve_end;
--
2.22.0
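Review bot: The new `goto execve_efault` taken when realpath() fails skips the `unlock_user(p, arg1, 0)` that the hunk shows right after the added block, so the string locked from arg1 stays locked on that error path while the normal path unlocks it. The `ret = get_errno(-1)` stored just before the jump is probably overwritten as well: a label named execve_efault presumably assigns an EFAULT result (it lies outside the hunk, so confirm), which would turn an ENOENT/ENAMETOOLONG from realpath() into EFAULT even though no guest pointer was bad. Keeping the realpath errno, unlocking and taking the normal exit avoids both problems: `ret = get_errno(-1); unlock_user(p, arg1, 0); goto execve_end;`. Minor: `if (NULL == realpath(...))` is more conventionally written `if (!realpath(exec_path, real_path))`, and a one-line comment such as `/* execve of /proc/self/exe must run the guest binary, not QEMU itself */` above the is_proc_myself() check would record why the path is rewritten. The enclosing execve case of do_syscall1 starts and ends outside the hunk.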