On 09/01/15 03:49, Theo de Raadt wrote:
Martijn van Duren wrote:
Hello tech@,
I took a quick glance at ksh and one of the first things I noticed was
that it uses some sanatizing code on argv. When looking at execve(2) I
see that EINVAL or EFAULT are returned when argv isn't properly
Hello tech@,
I took a quick glance at ksh and one of the first things I noticed was
that it uses some sanatizing code on argv. When looking at execve(2) I
see that EINVAL or EFAULT are returned when argv isn't properly
formatted. I've also verified this quickly by a small PoC and in
Martijn van Duren wrote:
> Hello tech@,
>
> I took a quick glance at ksh and one of the first things I noticed was
> that it uses some sanatizing code on argv. When looking at execve(2) I
> see that EINVAL or EFAULT are returned when argv isn't properly
> formatted. I've also verified this
> Martijn van Duren wrote:
> > Hello tech@,
> >
> > I took a quick glance at ksh and one of the first things I noticed was
> > that it uses some sanatizing code on argv. When looking at execve(2) I
> > see that EINVAL or EFAULT are returned when argv isn't properly
> > formatted. I've also