On Wed, 5 Jan 2000, Brian Gerst wrote:
> "Richard B. Johnson" wrote:
> >
> > Many programs have counted on being able to overwrite command-line
> > arguments so that other information shows in `ps`. Linux Version 2.3.35
> > now prevents that from working.
>
> IMHO, programs that depend on overwriting argv members without regard to
> checking for buffer overflows are broken, especially from a portability
> standpoint. The space for the args is allocated on the user stack at
> exec time, and the limits are stored in the mm struct for the task (this
> is from binfmt_elf.c). If you exceed that space you will spill into the
> space for the environment variables.
>
Yes, but who checks environment variables anyway? <grin>
> And if I am not mistaken, this is not new to 2.3.35. A quick look at
> 2.2.14 shows it works the same way.
>
Well I didn't notice this problem with 2.3.13, the first 2.3.nn I could
run well enough to keep on my machine.
> > I have found that:
> >
> > argv[0] = "new command";
> > argv[1] = "Next";
> > argv[2] = NULL;
>
> What you are doing here is changing the pointers in the argv array,
> which proc_pid_cmdline does not follow. Maybe that is the fix - have it
> follow those pointers instead of reading directly from the preallocated
> string space. That way programs can point to their own strings and not
> have to check how much space was allocated at exec time.
I think that this is what it should have done all along. Then we can
fix broken programs. Presently, it looks like there is no way to fix
them.
Cheers,
Dick Johnson
Penguin : Linux version 2.3.35 on an i686 machine (400.59 BogoMips).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jan 07 2000 - 21:00:04 EST