/*
 * Build the initial user stack image for the program described by `prog`.
 *
 * Items are pushed in this order, each push yielding the new `sp`:
 *   filename string, environment strings, argument strings, a 0x100-byte
 *   gap, optional AT_PLATFORM / AT_BASE_PLATFORM strings, optional 16-byte
 *   AT_RANDOM block, the auxiliary vector, the envp pointer array, the argv
 *   pointer array, and finally argc.
 *
 * On return prog->filename, prog->auxv, prog->envp, prog->argv and prog->sp
 * all point at the copies inside the new stack, and the relocated auxv has
 * been patched with the addresses of those copies and with ELF image
 * details (phdr, phnum, base, entry).
 *
 * `prot` is not referenced anywhere in this function.
 *
 * NOTE(review): pointers are round-tripped through `long` throughout, which
 * assumes `long` is pointer-sized on the target -- confirm.
 */
static void init_user_stack(elf_prog_t *prog, int prot)
{
    long argc = strings_count(prog->argv),
         envc = strings_count(prog->envp),
         auxc = auxv_count(prog->auxv);

    /*
     * tmp_argv / tmp_envp are variable-length arrays sized by the argument
     * and environment counts; they hold the in-stack addresses of the copied
     * strings until the pointer arrays themselves are pushed.
     * NOTE(review): no upper bound on argc/envc is visible here, so the size
     * of these arrays on the loader's own stack is caller-controlled --
     * confirm the counts are capped before this point.
     */
    char *tmp_argv[argc+1],
         *tmp_envp[envc+1],
         *platform = (char *)get_aux(prog->auxv, AT_PLATFORM),
         *base_platform = (char *)get_aux(prog->auxv, AT_BASE_PLATFORM),
         *rand_bytes = (char *)get_aux(prog->auxv, AT_RANDOM);

    /* Start at task_size minus the shift reported by get_stack_random_shift(). */
    char *sp = (char *)(prog->task_size-get_stack_random_shift(prog->auxv));

    /* Leave one long free at the very top before the first string. */
    sp -= sizeof(long);

    /* The filename goes first; prog->filename now refers to the in-stack copy. */
    sp = prog->filename = stack_push_string(sp, prog->filename);

    /*
     * Captured after the filename push, so the range tainted below spans the
     * environment and argument strings only.
     * NOTE(review): the filename copy sits outside that range -- confirm it
     * is meant to be excluded from TAINT_ENV.
     */
    char *untrusted_data_end=sp;

    sp = stack_push_strings(sp, tmp_envp, prog->envp);
    sp = stack_push_strings(sp, tmp_argv, prog->argv);

    /* Mark [sp, untrusted_data_end) as TAINT_ENV. */
    taint_mem(sp, untrusted_data_end-sp, TAINT_ENV);

    /* Skip 0x100 bytes, then clear the low four bits (multiple of 16). */
    sp = (char *)(((long)sp-0x100)&~0xf);

    /* Optional auxv payloads: copy each one that is present and keep its new address. */
    if (platform) sp = platform = stack_push_string(sp, platform);
    if (base_platform) sp = base_platform = stack_push_string(sp, base_platform);

    /*
     * Exactly 16 bytes are copied from wherever AT_RANDOM pointed.
     * NOTE(review): the origin and quality of those bytes is decided by
     * whoever populated auxv, not here -- verify at the source.
     */
    if (rand_bytes) sp = rand_bytes = stack_push_data(sp, rand_bytes, 16);

    /* Clear the low four bits again before the vectors are laid out. */
    sp = (char *)((long)sp&~0xf);

    /*
     * auxv is copied as (auxc+1) pairs of longs; the extra pair is
     * presumably the terminating entry -- confirm against auxv_count().
     */
    sp = stack_push_data(sp, prog->auxv, (auxc+1)*2*sizeof(long));
    prog->auxv = (long *)sp;

    /* Pointer arrays, each with one extra slot for the NULL terminator. */
    sp = stack_push_data(sp, tmp_envp, (envc+1)*sizeof(char *));
    prog->envp = (char **)sp;

    sp = stack_push_data(sp, tmp_argv, (argc+1)*sizeof(char *));
    prog->argv = (char **)sp;

    /*
     * argc is the last item pushed.
     * NOTE(review): sp is not re-aligned after the vectors are pushed, so
     * its final alignment depends on argc/envc unless stack_push_data()
     * aligns internally -- confirm against the target ABI.
     */
    sp = stack_push_data(sp, &argc, sizeof(long));

    /*
     * Patch the relocated auxv so pointer-valued entries refer to the
     * in-stack copies. platform / base_platform / rand_bytes may be NULL
     * here; what set_aux() does for a tag that is absent from auxv is not
     * visible in this function.
     */
    set_aux(prog->auxv, AT_EXECFN, (long)prog->filename);
    set_aux(prog->auxv, AT_PLATFORM, (long)platform);
    set_aux(prog->auxv, AT_BASE_PLATFORM, (long)base_platform);
    set_aux(prog->auxv, AT_RANDOM, (long)rand_bytes);

    /* ELF image details taken from prog->bin. */
    set_aux(prog->auxv, AT_PHDR, (long)prog->bin.phdr);
    set_aux(prog->auxv, AT_PHNUM, prog->bin.hdr.e_phnum);
    set_aux(prog->auxv, AT_BASE, prog->bin.base);
    set_aux(prog->auxv, AT_ENTRY, prog->bin.base + prog->bin.hdr.e_entry);

    prog->sp = (long *)sp;
}
/*
 * Copy every string of the NULL-terminated array `src` onto the stack at
 * `sp`, recording the address of each copy in `dst`.
 *
 * Strings are pushed from the last element to the first, and `dst` receives
 * a NULL terminator at index strings_count(src), so `dst` must have room for
 * that many entries plus one. No bound on the count is enforced here; the
 * caller is responsible for sizing `dst`.
 *
 * Returns the stack pointer produced by the final push, or `sp` unchanged
 * when `src` holds no strings.
 */
static char *stack_push_strings(char *sp, char **dst, char **src)
{
    long count = strings_count(src);
    long idx = count;

    dst[count] = NULL;

    /* Walk backwards so src[0] is the last string pushed. */
    while (idx-- > 0) {
        dst[idx] = stack_push_string(sp, src[idx]);
        sp = dst[idx];
    }

    return sp;
}
// Converts `entry` to text with FloatToString() (default formatting) and
// forwards it to stack_push_string() together with `store` and `name`.
// Returns whatever stack_push_string() returns.
int stack_push_float(object store, string name, float entry)
{
    string sText = FloatToString(entry);
    return stack_push_string(store, name, sText);
}
// Converts `entry` to text with IntToString() and forwards it to
// stack_push_string() together with `store` and `name`.
// Returns whatever stack_push_string() returns.
int stack_push_int(object store, string name, int entry)
{
    string sText = IntToString(entry);
    return stack_push_string(store, name, sText);
}