| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Oct 2023 11:03:04 +0200
From: Alejandro Colomar <alx@...nel.org>
To: Rik van Riel <riel@...riel.com>
Cc: linux-man@...r.kernel.org, kernel-team@...a.com,
linux-kernel@...r.kernel.org,
Matthew House <mattlloydhouse@...il.com>,
Eric Biederman <ebiederm@...ssion.com>
Subject: Re: [PATCH v5] execve.2: execve also returns E2BIG if a string is
too long
Hi Rik,
On Wed, Oct 11, 2023 at 09:46:52PM -0400, Rik van Riel wrote:
> The execve syscall returns -E2BIG in 3 cases:
> - The total length of the command line arguments and environment is too large.
> - An argument or environment string (including the NUL byte) is longer than MAX_ARG_STRLEN.
> - The full path to the executable (including the NUL byte) exceeds MAX_ARG_STRLEN.
I changed the above to fit in 72 columns.
>
> Spell out all 3 cases in the -E2BIG section.
>
> Discovered by moving a too large commandline parameter to an environment
> variable, and finding that things still did not work. Examined the code
> in fs/exec.c to get the details.
>
> This simple shell script starts failing at 2^17 on a system with 4kB
> page size:
> ./exec2big.sh: line 10: /bin/true: Argument list too long
> fork failed at loop 17
Moved this to after the script.
>
> #!/bin/sh
And indented the script to avoid issues with git and hashes in commit
messages.
> STRING="a"
>
> for loop in `seq 20`; do
> STRING="$STRING$STRING"
> export STRING
> if /bin/true ; then
> : # still under the limit
> else
> echo "fork failed at loop $loop"
> fi
> done
>
> Signed-off-by: Rik van Riel <riel@...riel.com>
> Suggested-by: Matthew House <mattlloydhouse@...il.com>
And reordered this.
Patch applied. :)
<https://www.alejandro-colomar.es/src/alx/linux/man-pages/man-pages.git/commit/?h=contrib&id=39a4ac5820cbdc8c9f7ebaad70f1adcc59955cbb>
> ---
> man2/execve.2 | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/man2/execve.2 b/man2/execve.2
> index 0d9582492ad1..b689101771e5 100644
> --- a/man2/execve.2
> +++ b/man2/execve.2
> @@ -449,7 +449,12 @@ The total number of bytes in the environment
> .RI ( envp )
> and argument list
> .RI ( argv )
> -is too large.
> +is too large,
> +an argument or environment string is too long,
> +or the full
> +.I pathname
> +of the executable is too long.
> +The terminating NUL is counted as part of the string length.
I replaced s/NUL/null byte/
man-pages(7):
NULL, NUL, null pointer, and null byte
A null pointer is a pointer that points to nothing, and is nor‐
mally indicated by the constant NULL. On the other hand, NUL
is the null byte, a byte with the value 0, represented in C via
the character constant '\0'.
The preferred term for the pointer is "null pointer" or simply
"NULL"; avoid writing "NULL pointer".
The preferred term for the byte is "null byte". Avoid writing
"NUL", since it is too easily confused with "NULL". Avoid also
the terms "zero byte" and "null character". The byte that ter‐
minates a C string should be described as "the terminating null
byte"; strings may be described as "null‐terminated", but avoid
the use of "NUL‐terminated".
I kept NUL in the commit message, because I actually like using NUL, but
Michael didn't, and for consistency, I keep that in the body of the
manual pages. In the commit message, it's fine for me.
Cheers,
Alex
> .TP
> .B EACCES
> Search permission is denied on a component of the path prefix of
> --
> 2.41.0
>
--
<https://www.alejandro-colomar.es/>
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists