| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <78959c88715049a4be00fc75bb333d3a@AcuMS.aculab.com>
Date: Tue, 1 Feb 2022 09:17:47 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Kees Cook' <keescook@...omium.org>,
Andrew Morton <akpm@...ux-foundation.org>
CC: Ariadne Conill <ariadne@...eferenced.org>,
Michael Kerrisk <mtk.manpages@...il.com>,
Matthew Wilcox <willy@...radead.org>,
"Christian Brauner" <brauner@...nel.org>,
Rich Felker <dalias@...c.org>,
Eric Biederman <ebiederm@...ssion.com>,
Alexander Viro <viro@...iv.linux.org.uk>,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org>
Subject: RE: [PATCH] exec: Force single empty string when argv is empty
From: Kees Cook
> Sent: 01 February 2022 00:10
...
> While the initial code searches[6][7] turned up what appeared to be
> mostly corner case tests, trying to that just reject argv == NULL
> (or an immediately terminated pointer list) quickly started tripping[8]
> existing userspace programs.
>
> The next best approach is forcing a single empty string into argv and
> adjusting argc to match. The number of programs depending on argc == 0
> seems a smaller set than those calling execve with a NULL argv.
Has anyone considered using the pathname for argv[0]?
So converting:
execl(path, NULL);
into:
execl(path, path, NULL);
I've not spotted any such suggestion.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists