From: Rich Felker
To: musl@lists.openwall.com
Date: Thu, 13 Feb 2020 13:29:50 -0500
Subject: Re: [musl] execvp() behaviour with unrecognized file header
Message-ID: <20200213182950.GI1663@brightrain.aerifal.cx>
References: <6ead5f7b-d645-5df0-cb06-a99178471a96@bell-sw.com> <1286e416-808c-9795-f76d-d8efa7c0125f@adelielinux.org> <20200212142743.GY1663@brightrain.aerifal.cx>

On Thu, Feb 13, 2020 at 11:02:08AM +0100, Micha Nelissen wrote:
> On 12-02-2020 15:27, Rich Felker wrote:
> >> Since this is non-conformant to POSIX, Adélie integrated quinq's patch:
> >> https://code.foxkit.us/adelie/musl/commit/16cbbea8e97d08e0fc6e9ccda0cf8b6e87ed6b82
> >
> > Note that this patch has multiple problems which is why it's not
>
> For execlp, what about 'return execvp("/bin/sh", &file);' in case of
> ENOEXEC? Too ugly? Assumes right-to-left push order with top-down stack
> (or left-to-right in case of bottom-up stack).

This doesn't work -- even if you ignore UB and assume some simplistic
"high level asm" model of C. There is a clean solution for execlp,
just expanding the VLA by a couple slots (VLA can be assumed
reasonable size since the same number of args were passed in to execlp
and since the number is a fixed compile-time constant the programmer
has decided to use rather than potentially variable) and prepending to
the VLA if needed...

> Doesn't work for execvp itself though.

...but regardless execvp needs a solution too, and execlp can just
piggyback on whatever execvp does, so there's really no reason to be
writing a specialized version of this functionality for execlp.

Rich
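
The ENOEXEC fallback under discussion, as an added example that is not musl's code and not from this thread: it builds the vector POSIX describes as `execl(<shell path>, arg0, file, arg1, ..., (char *)0)` and uses a fixed-size buffer instead of a VLA, since at the execv/execvp level the argument count is not a compile-time constant. The names `sh_fallback_argv`, `execv_sh_fallback`, `SH_PATH` and `MAX_FALLBACK_ARGS` are assumptions for illustration, and the PATH search that execvp performs is left out, so the path is taken as already resolved.

```c
#include <errno.h>
#include <stddef.h>
#include <unistd.h>

#define SH_PATH "/bin/sh"      /* assumption: POSIX leaves the sh path unspecified */
#define MAX_FALLBACK_ARGS 256  /* assumption: illustrative bound, avoids an unbounded VLA */

/* Build { argv[0], path, argv[1], ..., NULL } in out[], the vector for
 * execl(<shell path>, arg0, file, arg1, ..., (char *)0).
 * Returns the number of non-NULL entries, or 0 if out[] (cap slots) is too small. */
size_t sh_fallback_argv(const char *path, char *const argv[], char **out, size_t cap)
{
    size_t argc = 0;
    while (argv[argc]) argc++;
    size_t n = (argc ? argc : 1) + 1;        /* original args plus one slot for path */
    if (cap < n + 1) return 0;               /* +1 for the terminating NULL */
    out[0] = argc ? argv[0] : (char *)"sh";  /* empty argv: still give sh a name */
    out[1] = (char *)path;
    for (size_t i = 1; i < argc; i++) out[i + 1] = argv[i];
    out[n] = NULL;
    return n;
}

/* Like execv(), but hands the file to sh when exec fails with ENOEXEC.
 * Returns -1 with errno set, as execv() does; no allocation is performed. */
int execv_sh_fallback(const char *path, char *const argv[])
{
    char *nargv[MAX_FALLBACK_ARGS + 2];      /* args + path + NULL */

    execv(path, argv);
    if (errno != ENOEXEC) return -1;         /* any other failure is reported unchanged */
    if (!sh_fallback_argv(path, argv, nargv, MAX_FALLBACK_ARGS + 2)) {
        errno = E2BIG;                       /* too many args for the fixed buffer */
        return -1;
    }
    execv(SH_PATH, nargv);
    return -1;
}
```

Only ENOEXEC triggers the shell; every other error from the first `execv()` is returned to the caller untouched, so a missing or non-executable file is never handed to `sh`.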