bin/64150: [PATCH] ls(1) coredumps when started via execve(2)
with no argv.
Marc Olzheim
marcolz at stack.nl
Mon Mar 15 04:25:04 PST 2004
On Fri, Mar 12, 2004 at 08:29:52PM +0100, Marc Bevand wrote:
> On 12 Mar 2004, Ruslan Ermilov wrote:
> | On Fri, Mar 12, 2004 at 11:07:25AM -0500, Tom Rhodes wrote:
> | >
> | > Will it 'break' anything?
> |
> | Sure it will, the question is should we care about something that's
> | already broken. ;)
>
> It will break almost all shellcodes trying to be the shorter ones
> (as they pass NULL for argv and envp). So we can view it as a small
> security improvement (just kidding).
When I tested my patches (over 2 years ago), I didn't trigger any
compilation, nor any runtime problems...
Marc
More information about the freebsd-security
mailing list