kern/155321: imgact_shell integer underflow when argv[0] is longer than interp + path

Oliver Pinter oliver.pntr at gmail.com
Sun Mar 6 23:25:49 UTC 2011


under 7.4 exist too this problem

XXX at XXX test> gcc execve.c
XXX at XXX test> cp /bin/ls .
XXX at XXX test> ./a.out ls /tmp/test/ls
a.out           execve.c        ls              shellscript
XXX at XXX test> ./a.out shellscript asdf
shellscript
XXX at XXX test> ./a.out shellscript /tmp/test/
a.out*       execve.c     ls*          shellscript*
XXX at XXX test> ./a.out shellscript /tmp/test/ls
shellscript
XXX at XXX test> ./a.out shellscript /tmp/test/shellscript
shellscript
XXX at XXX test> ./a.out shellscript /bin/echo-shellscript
shellscript
XXX at XXX test> ./a.out shellscript /bin/echo-shellscript1
execve: Argument list too long
XXX at XXX test> uname -a
FreeBSD XXX 7.4-STABLE FreeBSD 7.4-STABLE #71 r219301+472ccf9: Sun Mar
 6 19:16:46 CET 2011     XXX at XXX:/usr/obj/usr/src/sys/stable  amd64


On 3/6/11, Devon H. O'Dell <devon.odell at gmail.com> wrote:
> Actually, kib@ points out that this isn't quite correct; the correct
> fix should indeed be a 1-liner, attached.
>
> --dho
>


More information about the freebsd-bugs mailing list