"Richard B. Johnson" wrote:
>
> Many programs have counted on being able to overwrite command-line
> arguments so that other information shows in `ps`. Linux Version 2.3.35
> now prevents that from working.
IMHO, programs that depend on overwriting argv members without regard to
checking for buffer overflows are broken, especially from a portability
standpoint. The space for the args is allocated on the user stack at
exec time, and the limits are stored in the mm struct for the task (this
is from binfmt_elf.c). If you exceed that space you will spill into the
space for the environment variables.
And if I am not mistaken, this is not new to 2.3.35. A quick look at
2.2.14 shows it works the same way.
> I have found that:
>
> argv[0] = "new command";
> argv[1] = "Next";
> argv[2] = NULL;
What you are doing here is changing the pointers in the argv array,
which proc_pid_cmdline does not follow. Maybe that is the fix - have it
follow those pointers instead of reading directly from the preallocated
string space. That way programs can point to their own strings and not
have to check how much space was allocated at exec time.
--Brian Gerst
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jan 07 2000 - 21:00:04 EST