diff options
author | gVisor bot <gvisor-bot@google.com> | 2019-10-29 21:03:32 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2019-10-29 21:03:32 +0000 |
commit | 910f97bb1367b9ded822e0b3a4870948ee20112c (patch) | |
tree | ec6a59d887ca087b18ea7f4b4c839b2e6d2e7ac0 | |
parent | a3fdb33c4583a9443abca60e479884e0bf45919f (diff) | |
parent | 38330e93774e68324d8f43adb27178453dee18b6 (diff) |
Merge release-20190806.1-341-g38330e9 (automated)
-rw-r--r-- | pkg/sentry/loader/elf.go | 2 | ||||
-rw-r--r-- | pkg/sentry/loader/loader.go | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/pkg/sentry/loader/elf.go b/pkg/sentry/loader/elf.go index 3ea037e4d..c2c3ec06e 100644 --- a/pkg/sentry/loader/elf.go +++ b/pkg/sentry/loader/elf.go @@ -644,6 +644,8 @@ func loadELF(ctx context.Context, args LoadArgs) (loadedELF, arch.Context, error // resolved, the interpreter should still be resolved if it is // a symlink. args.ResolveFinal = true + // Refresh the traversal limit. + *args.RemainingTraversals = linux.MaxSymlinkTraversals args.Filename = bin.interpreter d, i, err := openPath(ctx, args) if err != nil { diff --git a/pkg/sentry/loader/loader.go b/pkg/sentry/loader/loader.go index 803e7d41e..b03eeb005 100644 --- a/pkg/sentry/loader/loader.go +++ b/pkg/sentry/loader/loader.go @@ -293,6 +293,8 @@ func loadExecutable(ctx context.Context, args LoadArgs) (loadedELF, arch.Context ctx.Infof("Error loading interpreter script: %v", err) return loadedELF{}, nil, nil, nil, err } + // Refresh the traversal limit for the interpreter. + *args.RemainingTraversals = linux.MaxSymlinkTraversals default: ctx.Infof("Unknown magic: %v", hdr) return loadedELF{}, nil, nil, nil, syserror.ENOEXEC |