Re: [Tinycc-devel] mksh fails to build with bound check
From: Thomas Preud'homme
Subject: Re: [Tinycc-devel] mksh fails to build with bound check
Date: Thu, 20 Mar 2014 22:20:21 +0800
User-agent: KMail/4.11.5 (Linux/2.6.38-ac2-ac100; KDE/4.11.5; armv7l; ; )
On Sunday, 19 January 2014, 17:03:32, Kirill Smelkov wrote:
Hi Kirill,
>
> Sorry for being silent for so long. I've started looking into the
> problem today, but before I've ever got to mksh, I've found one new bug
> wrt bcheck which is now fixed. Could you please see, does it maybe fix
> mksh? If not, I'm willing to continue digging, only it will be very
> slow, as my time is very tight these days...
I've looked into it this week and managed to fix one bug with regards to
relocation of __bound_init (see commit
ec1c83081dd741bd18ca1821bf52535c444dc111) but there is still at least one
other bug. As I understand it the problem is that mksh loops over argv entries
in main with something like "while (!*argv)". This triggers a segfault by
bound_ptr_indir returning INVALID_POINTER. So I guess there is nothing right
now to add argv[] and environ[] among the ok zones. I was thinking about doing
it in __bound_init but there is some difficulty. From the environ variable it's
easy to find the beginning and end of the environ array by browsing it.
Alternatively setenv of a new variable could do it in a faster way but there
is the risk of the array already being full so the browsing seems more
reliable. The problem is to find the beginning and end of argv[]. For instance,
I don't know if with address space randomization environ immediately follows
the end of argv (it seems to be the case on my machine). As to the
beginning of argv, I can only think of taking the address of a local variable
but that's only an approximation.
Alternatively, a different prologue could be generated for the main function
that calls a __bound_new_argument_region that would take as parameter argv and
then environ. What do you think about it? Do you feel like trying?
Best regards,
Thomas
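The "browsing" approach described in the mail, worked through as an added example (this is not tcc's bcheck code, and the function names `vector_region`, `strings_region` and `argument_regions` are hypothetical stand-ins for the proposed `__bound_new_argument_region`). Given the argv and environ pointers that a main() prologue could hand over, it derives the four ranges a bounds checker would mark valid: the two NULL-terminated pointer arrays and the two blocks of strings they point to. The strings are only taken as one range when each starts where the previous one ended, which is the exec-time layout; the constructed sample vectors below show both the contiguous case and the gapped case that appears once an entry has been repointed (after setenv, for instance).

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

extern char **environ;   /* POSIX: the process environment vector */

/* A contiguous memory range [start, start + size). */
struct region {
    const void *start;
    size_t size;
};

/* Number of entries before the terminating NULL of argv or environ. */
size_t count_vector(char *const *vec)
{
    size_t n = 0;
    while (vec[n] != NULL)
        n++;
    return n;
}

/* The pointer array itself, terminating NULL included. */
struct region vector_region(char *const *vec)
{
    struct region r;
    r.start = vec;
    r.size = (count_vector(vec) + 1) * sizeof *vec;
    return r;
}

/* The strings the vector points to, taken as one range. This assumes the
 * exec-time layout where each string starts right after the previous one's
 * NUL; that no longer holds once setenv()/putenv() have pointed an entry
 * elsewhere, so contiguity is verified. Returns 0 on success and -1
 * (leaving *out untouched) when the strings are not contiguous. */
int strings_region(char *const *vec, struct region *out)
{
    size_t n = count_vector(vec);
    const char *hi;
    size_t i;
    if (n == 0) {
        out->start = NULL;
        out->size = 0;
        return 0;
    }
    hi = vec[0];
    for (i = 0; i < n; i++) {
        if (vec[i] != hi)           /* gap or reordering: give up */
            return -1;
        hi += strlen(vec[i]) + 1;   /* step past this string and its NUL */
    }
    out->start = vec[0];
    out->size = (size_t)(hi - vec[0]);
    return 0;
}

/* Does p fall inside r? The end is exclusive, like a bounds checker's limit. */
int in_region(const struct region *r, const void *p)
{
    const char *s = (const char *)r->start;
    const char *c = (const char *)p;
    return c >= s && c < s + r->size;
}

/* Collect the up-to-four regions a bounds checker would mark valid for
 * main(): argv pointers, argv strings, environ pointers, environ strings.
 * Returns how many entries of out[] were filled. */
int argument_regions(char **argv, char **envp, struct region out[4])
{
    int n = 0;
    char **vecs[2];
    int v;
    vecs[0] = argv;
    vecs[1] = envp;
    for (v = 0; v < 2; v++) {
        if (vecs[v] == NULL)
            continue;
        out[n++] = vector_region(vecs[v]);
        if (strings_region(vecs[v], &out[n]) == 0 && out[n].size > 0)
            n++;
    }
    return n;
}

/* Constructed sample mimicking the exec-time layout: strings back to back. */
char sample_strings[] = "mksh\0-c\0echo hi\0";
char *sample_argv[] = { sample_strings, sample_strings + 5, sample_strings + 8, NULL };
/* Constructed sample with a hole, as after an entry was repointed. */
char *gapped_argv[] = { sample_strings, sample_strings + 8, NULL };

int main(int argc, char **argv)
{
    struct region regs[4];
    int n = argument_regions(argv, environ, regs), i;
    (void)argc;
    for (i = 0; i < n; i++)
        printf("region %d: %p + %zu bytes\n", i, regs[i].start, regs[i].size);
    return 0;
}
```

Run as a normal program it prints the regions of its own argv and environ; whether environ's strings directly follow argv's is exactly the question the mail leaves open, so the two blocks are kept as separate regions rather than merged.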