From 73468ece4666c3539aa292f0ac334a08023158bd Mon Sep 17 00:00:00 2001
From: Roman Khapov <r.khapov@yandex.ru>
Date: Thu, 8 Aug 2024 13:51:12 +0500
Subject: [PATCH] context_stack.c: rm PROT_EXEC (#652)

PROT_EXEC allows to execute code from coroutine stack, which is useless
feature, and moreover, this is not secure.

Signed-off-by: Roman Khapov <r.khapov@ya.ru>
Co-authored-by: Roman Khapov <r.khapov@ya.ru>
---
 third_party/machinarium/sources/context_stack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/third_party/machinarium/sources/context_stack.c b/third_party/machinarium/sources/context_stack.c
index 6ea46dc5d..43d5dfca9 100644
--- a/third_party/machinarium/sources/context_stack.c
+++ b/third_party/machinarium/sources/context_stack.c
@@ -16,7 +16,7 @@ int mm_contextstack_create(mm_contextstack_t *stack, size_t size,
 			   size_t size_guard)
 {
 	char *base;
-	base = mmap(0, size_guard + size, PROT_READ | PROT_WRITE | PROT_EXEC,
+	base = mmap(0, size_guard + size, PROT_READ | PROT_WRITE,
 		    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
 	if (base == MAP_FAILED)
 		return -1;