On Thu, Jan 11, 2024 at 11:57:29PM -0700, Thomas Bertschinger wrote:
> The memmove() in pop_cmd() reads and writes beyond the end of argv.
> 
> This is basically harmless in the current C program; the environment
> variable list immediately follows argv so all this does is unnecessarily
> copy the beginning of that list.
> 
> However, this will become problematic once we start calling C functions
> like fs_cmds() from Rust code. Then argv will be a Vec<String> (as
> *mut *mut i8) and the memory layout will be different--in particular,
> I don't think we can assume that a Vec<String> will be NULL-terminated
> like argv always is--, meaning the invalid write could lead to heap
> corruption.
> 
> Also, it doesn't look like full_cmd ever gets used after calling
> pop_cmd() so I'm removing it here since it looks unneeded to me.
> 
> Signed-off-by: Thomas Bertschinger <[email protected]>

Thanks - applied
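As an added illustration for this thread (not the patch under discussion and not bcachefs-tools code; the signature of pop_cmd(), its argument names and the sample argv are assumptions made here), a version of pop_cmd() whose memmove count is derived only from argc, so it never touches memory past argv[argc - 1] and stays correct even when argv is not NULL-terminated, which is the Vec<String> case the commit message anticipates:

```c
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical pop_cmd(): drop argv[1] (the subcommand name) and shift the
 * remaining arguments down by one. Written for this thread as an
 * illustration; it is not the bcachefs-tools function.
 *
 * The memmove count comes from argc alone, so every read and write stays
 * inside argv[0..argc). The function does not assume that argv[argc] exists
 * or is NULL (the assumption a Vec<String> handed over from Rust would
 * break); it writes the NULL terminator itself, in-bounds, into the slot the
 * shift frees up.
 */
static char *pop_cmd(int *argc, char *argv[])
{
	if (*argc < 2)
		return NULL;	/* nothing to pop */

	char *cmd = argv[1];

	/* Move argv[2..argc-1] (argc - 2 entries) down to argv[1..argc-2]. */
	memmove(&argv[1], &argv[2], (size_t)(*argc - 2) * sizeof(argv[0]));

	/* The last slot is now free; terminate there, still inside the array. */
	argv[*argc - 1] = NULL;
	(*argc)--;
	return cmd;
}

/*
 * Constructed check: an argv with no NULL terminator, followed by a guard
 * slot that must survive untouched. Returns 1 on success, 0 on failure.
 */
int pop_cmd_stays_in_bounds(void)
{
	static char guard[] = "GUARD";
	char *buf[5] = { "bcachefs", "fs", "usage", "/mnt", guard };
	int argc = 4;

	char *cmd = pop_cmd(&argc, buf);
	if (!cmd || strcmp(cmd, "fs") != 0)
		return 0;
	if (argc != 3)
		return 0;
	if (strcmp(buf[0], "bcachefs") != 0 || strcmp(buf[1], "usage") != 0 ||
	    strcmp(buf[2], "/mnt") != 0)
		return 0;
	if (buf[3] != NULL)	/* terminator was written in-bounds */
		return 0;
	if (buf[4] != guard)	/* guard slot past the array was not touched */
		return 0;
	return 1;
}

/* Constructed check: with only argv[0], pop_cmd() refuses and leaves argc alone. */
int pop_cmd_handles_no_subcommand(void)
{
	char *buf[2] = { "bcachefs", NULL };
	int argc = 1;

	return pop_cmd(&argc, buf) == NULL && argc == 1;
}

int main(void)
{
	printf("in-bounds shift: %s\n", pop_cmd_stays_in_bounds() ? "ok" : "FAIL");
	printf("no subcommand:   %s\n", pop_cmd_handles_no_subcommand() ? "ok" : "FAIL");
	return 0;
}
```

The guard slot is what a sanitizer or a Rust heap allocation would be in practice: if the shift ever counted one entry too many, the check would see either a clobbered guard or an out-of-bounds read, which is the failure mode the commit describes.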