patch-1.3.23 linux/arch/i386/mm/fault.c

Next file: linux/drivers/block/README.ide
Previous file: linux/Makefile
Back to the patch index
Back to the overall index

diff -u --recursive --new-file v1.3.22/linux/arch/i386/mm/fault.c linux/arch/i386/mm/fault.c
@@ -49,6 +49,16 @@
 		goto bad_area;
 	if (vma->vm_end - address > current->rlim[RLIMIT_STACK].rlim_cur)
 		goto bad_area;
+	if (error_code & 4) {
+		/*
+		 * accessing the stack below %esp is always a bug.
+		 * The "+ 32" is there due to some instructions (like
+		 * pusha) doing pre-decrement on the stack and that
+		 * doesn't show up until later..
+		 */
+		if (address + 32 < regs->esp)
+			goto bad_area;
+	}
 	vma->vm_offset -= vma->vm_start - (address & PAGE_MASK);
 	vma->vm_start = (address & PAGE_MASK);
 /*

FUNET's LINUX-ADM group, [email protected]
TCL-scripts by Sam Shen, [email protected] with Sam's (original) version
of this