[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] progname: don't segfault when argv is NULL
From: |
Jim Meyering |
Subject: |
[PATCH] progname: don't segfault when argv is NULL |
Date: |
Fri, 04 Dec 2009 14:34:19 +0100 |
Hi Bruno,
Ok to apply the patch below?
Without it, anyone can make nearly any coreutils program segfault
with this simple recipe:
printf '%s\n' '#include <unistd.h>' 'int main(int c, char**v)' \
'{ execve (v[1], 0, 0); }' > k.c && gcc k.c && ./a.out /bin/cat
While that usage of execve is in violation of POSIX,
nothing prevents a set_program_name caller from calling
the function with a NULL argument. Hence, we should handle it.
As for why I chose to use an empty string, ...
That will make it obvious that something is going wrong,
and cannot be confused with a legitimate program name.
For reference, perl uses the empty string, too:
$ printf 'print ":$ARGV[0]:\n"' |./a.out /usr/bin/perl
::
>From 761448cef4c36ec0551eeaa39fb65a87c0ba39ae Mon Sep 17 00:00:00 2001
From: Jim Meyering <address@hidden>
Date: Fri, 4 Dec 2009 14:28:25 +0100
Subject: [PATCH] progname: don't segfault when argv is NULL
* lib/progname.c (set_program_name): Don't let an abusive or
erroneous caller induce a NULL dereference. Handle a NULL argument.
---
ChangeLog | 6 ++++++
lib/progname.c | 3 +++
2 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index da260c1..30353ef 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2009-12-04 Jim Meyering <address@hidden>
+
+ progname: don't segfault when argv is NULL
+ * lib/progname.c (set_program_name): Don't let an abusive or
+ erroneous caller induce a NULL dereference. Handle a NULL argument.
+
2009-12-03 Paolo Bonzini <address@hidden>
exclude: Fix header file problems.
diff --git a/lib/progname.c b/lib/progname.c
index bfa374a..d847d1e 100644
--- a/lib/progname.c
+++ b/lib/progname.c
@@ -42,6 +42,9 @@ set_program_name (const char *argv0)
const char *slash;
const char *base;
+ if (argv0 == NULL)
+ argv0 = "";
+
slash = strrchr (argv0, '/');
base = (slash != NULL ? slash + 1 : argv0);
if (base - argv0 >= 7 && strncmp (base - 7, "/.libs/", 7) == 0)
--
1.6.6.rc1.280.ge45b
- [PATCH] progname: don't segfault when argv is NULL,
Jim Meyering <=
- Re: [PATCH] progname: don't segfault when argv is NULL, Bruno Haible, 2009/12/04
- Re: [PATCH] progname: don't segfault when argv is NULL, Pádraig Brady, 2009/12/04
- Re: [PATCH] progname: don't segfault when argv is NULL, Eric Blake, 2009/12/04
- Re: [PATCH] progname: don't segfault when argv is NULL, Jim Meyering, 2009/12/05
- Re: [PATCH] progname: don't segfault when argv is NULL, Jim Meyering, 2009/12/06
- __nonnull__ declarations, Bruno Haible, 2009/12/06