https://bugs.kde.org/show_bug.cgi?id=506813
Mark Wielaard <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|ASSIGNED |RESOLVED --- Comment #6 from Mark Wielaard <[email protected]> --- Makes sense to combine these fixes. Even though it does more checks the code is not simpler. Thanks. Pushed as commit a2c294b3b19ef4af391014e7b3cbc5ec75b2bd68 Author: Martin Cermak <[email protected]> Date: Fri Aug 1 15:35:04 2025 +0200 Fix execveat() with AT_FDCWD and relative path, add more checks This update does address two closely related problems: 1) In case execveat() is called with a special file descriptor value of AT_FDCWD (-100), it should accept this special value, and interpret the provided pathname as relative to the current working directory of the calling process (like execve(2)) instead of failing with EBADF, as it does without this patch. Covered by LTP testcase execveat01. https://bugs.kde.org/show_bug.cgi?id=506806 2) Add checks preventing execveat() of symlinked programs in case AT_SYMLINK_NOFOLLOW was specified. Add checks preventing execveat() from passing in case invalid flag was specified. Covered by LTP testcase execveat02. https://bugs.kde.org/show_bug.cgi?id=506813 -- You are receiving this mail because: You are watching all bug changes.
