From 73b029f919d4c023bddf83b0b8aaa1e79f132fa9 Mon Sep 17 00:00:00 2001
From: guenther <guenther@openbsd.org>
Date: Thu, 30 Apr 2015 03:11:21 +0000
Subject: [PATCH] Error out if the PT_INTERP segment isn't NUL terminated

ok deraadt@ millert@ miod@
---
 sys/kern/exec_elf.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c
index f8bfefe3b3d..76fd2d23eb8 100644
--- a/sys/kern/exec_elf.c
+++ b/sys/kern/exec_elf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: exec_elf.c,v 1.114 2015/04/26 05:30:42 guenther Exp $	*/
+/*	$OpenBSD: exec_elf.c,v 1.115 2015/04/30 03:11:21 guenther Exp $	*/
 
 /*
  * Copyright (c) 1996 Per Fogelstrom
@@ -559,6 +559,8 @@ ELFNAME2(exec,makecmds)(struct proc *p, struct exec_package *epp)
 			    pp->p_offset, interp, pp->p_filesz)) != 0) {
 				goto bad;
 			}
+			if (interp[pp->p_filesz - 1] != '\0')
+				goto bad;
 		} else if (pp->p_type == PT_LOAD) {
 			if (pp->p_filesz > pp->p_memsz) {
 				error = EINVAL;
-- 
2.20.1