git.ipfire.org Git - thirdparty/valgrind.git/commitdiff
Fix a crash handling fexecve.
author    Paul Floyd <pjfloyd@wanadoo.fr>
          Sun, 10 Apr 2022 18:55:28 +0000 (20:55 +0200)
committer Paul Floyd <pjfloyd@wanadoo.fr>
          Sun, 10 Apr 2022 18:55:28 +0000 (20:55 +0200)
Found this by testing the Solaris execx (the bits that are
Linux-compatible) test. That was giving

--28286-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--28286-- si_code=2;  Faulting address: 0x4A0095A;  sp: 0x1002ca9c88

valgrind: the 'impossible' happened:
   Killed by fatal signal

host stacktrace:
==28286==    at 0x5803DE54: vgPlain_strcpy (m_libcbase.c:309)
==28286==    by 0x5810A9B3: vgSysWrap_linux_sys_execveat_before (syswrap-linux.c:13310)
==28286==    by 0x580953C9: vgPlain_client_syscall (syswrap-main.c:2234)

It's a mistake to copy the path obtained with VG_(resolve_filename) to
the client ARG2; it's unlikely to have space for the path.

Instead just copy the pointer.
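
The bug class the commit message describes, as an added example that is not valgrind's code: a syscall wrapper receives a pointer to the client's own path string (ARG2) with no size, and on the empty-path/AT_EMPTY_PATH case must substitute a resolved path. `demo_resolve_filename`, `demo_pre_execveat_before`, `demo_pre_execveat_after` and the constructed "client memory" with guard bytes are all assumptions of this demo, standing in for VG_(resolve_filename) and the real PRE(sys_execveat); the AT_EMPTY_PATH value 0x1000 is the Linux constant. The "before" variant reproduces the strcpy into client memory and the guard check shows it overwriting the client's neighbouring data; the "after" variant re-points the local pointer instead and also shows the lifetime rule that comes with aliasing a heap buffer.

```c
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Linux AT_EMPTY_PATH (0x1000), restated so the demo needs no <fcntl.h>. */
#define DEMO_AT_EMPTY_PATH 0x1000

/* Constructed "client address space": the client's path string sits at
   offset 0 and is immediately followed by other client data (the guard). */
#define CLIENT_MEM_SZ 64
#define GUARD_BYTE 0xAA

/* Portable strdup replacement so the file builds under strict -std=c11. */
static char *demo_strdup(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) memcpy(p, s, n);
    return p;
}

/* Hypothetical stand-in for VG_(resolve_filename): maps an fd to a path and
   hands the caller a heap-allocated string (constructed table, not real fds). */
static int demo_resolve_filename(int fd, char **buf) {
    static const char *const demo_fd_table[] = {
        "/opt/demo/bin/short",
        "/opt/demo/tools/some-tool-with-a-long-name",
    };
    if (fd < 0 || fd >= 2) return 0;
    *buf = demo_strdup(demo_fd_table[fd]);
    return *buf != NULL;
}

/* Client memory: an empty path ("") at offset 0, guard bytes after it. */
static void demo_init_client(unsigned char *mem) {
    memset(mem, GUARD_BYTE, CLIENT_MEM_SZ);
    mem[0] = '\0';
}

/* 1 if every byte after the client's 1-byte string is still the guard. */
static int demo_guard_intact(const unsigned char *mem) {
    for (size_t i = 1; i < CLIENT_MEM_SZ; i++)
        if (mem[i] != GUARD_BYTE) return 0;
    return 1;
}

/* The "before" logic: strcpy the resolved path into the client's buffer.
   The client passed "", so there is room for one byte, not a whole path. */
static void demo_pre_execveat_before(int dirfd, char *client_path, int flags) {
    char *path = client_path;
    char *buf = NULL;
    if (path[0] == '\0' && (flags & DEMO_AT_EMPTY_PATH)) {
        if (demo_resolve_filename(dirfd, &buf))
            strcpy(path, buf);            /* overruns the client's string */
    }
    free(buf);
}

/* The "after" logic: re-point the local pointer at the resolved string, so
   nothing is written to client memory. Returns a copy of the path chosen. */
static char *demo_pre_execveat_after(int dirfd, char *client_path, int flags) {
    const char *path = client_path;
    char *buf = NULL;
    if (path[0] == '\0' && (flags & DEMO_AT_EMPTY_PATH)) {
        if (demo_resolve_filename(dirfd, &buf))
            path = buf;                   /* alias, no copy into ARG2 */
    }
    char *result = demo_strdup(path);     /* every use of path comes first */
    free(buf);                            /* buf must outlive path's last use */
    return result;
}

/* Runs both variants on constructed client memory. Returns 1 when the
   "before" variant corrupts the guard and the "after" variant leaves it intact. */
int demo_run(int *before_corrupts, int *after_intact, char **after_path) {
    unsigned char mem[CLIENT_MEM_SZ];
    demo_init_client(mem);
    demo_pre_execveat_before(1, (char *)mem, DEMO_AT_EMPTY_PATH);
    *before_corrupts = !demo_guard_intact(mem);

    demo_init_client(mem);
    *after_path = demo_pre_execveat_after(1, (char *)mem, DEMO_AT_EMPTY_PATH);
    *after_intact = demo_guard_intact(mem);
    return *before_corrupts && *after_intact;
}

int main(void) {
    int bc = 0, ai = 0;
    char *p = NULL;
    demo_run(&bc, &ai, &p);
    printf("before: client memory corrupted = %s\n", bc ? "yes" : "no");
    printf("after:  client memory intact    = %s, path = %s\n", ai ? "yes" : "no", p);
    free(p);
    return 0;
}
```

The guard check is the point: in the real tool the bytes after ARG2 belong to the client, so the old strcpy could corrupt client state silently even when it did not fault as in the log above. The aliasing fix brings its own obligation, visible in `demo_pre_execveat_after`: the heap buffer now backs `path`, so it must not be freed until the wrapper is done with `path`.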

coregrind/m_syswrap/syswrap-linux.c

index 38edccc9833a2c994d805d2556f87132d4181b36..e2fafd4213abfa43e5791ec3f5d07e32754a4308 100644 (file)
@@ -13307,7 +13307,7 @@ PRE(sys_execveat)
            if (path[0] == '\0') {
                if (ARG5 & VKI_AT_EMPTY_PATH) {
                    if (VG_(resolve_filename)(ARG1, &buf)) {
-                       VG_(strcpy)(path, buf);
+                       path = buf;
                        check_pathptr = False;
                    }
                }
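Review bot: with `path = buf;` the wrapper now aliases the heap string that VG_(resolve_filename) hands back, so `buf` must stay allocated until the last read of `path` in PRE(sys_execveat); the release of `buf` is outside this hunk, and it should be confirmed that it happens only after every use of `path` (and that `path` is declared so that assigning `buf` to it compiles without a cast). Keeping `check_pathptr = False;` is right, since `path` no longer points into client memory at ARG2. The replaced `VG_(strcpy)(path, buf);` wrote a resolved path into a client buffer of unknown size, so beyond the host SIGSEGV in the commit message it could silently overwrite the client's own data next to ARG2; a one-line comment at the assignment saying that `path` may now point at `buf` rather than at ARG2 would stop a future change from reintroducing the copy. The only test mentioned is the Solaris execx one; a Linux regression test calling execveat with an empty path and AT_EMPTY_PATH would cover this branch directly.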