Date: Fri, 24 Mar 2000 18:35:47 +0200 (EET) From: Dungeonkeeper <zethix@sofiaonline.com> To: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org Subject: shell issue Message-ID: <XFMail.000324183547.zethix@sofiaonline.com>
next in thread | raw e-mail | index | archive | help
Hi there, First of all: I want to apologise for my poor english. Today me and a few friends of mine discussed the shells' (well, shell is actualy one of: sh/bash/csh/tcsh... not tested for ksh) command line expansion routines, mainly because of a problem discovered by one of my friends. I'm not sure if this is something new... So, let me explain what he found. It seems that the shell wants to allocate enough memory to hold the entire command line when expanding all of the arguments and we can force it to allocate hudge ammount of memory with a tricky command like this: carnivoro# /bin/csh -c `cat /dev/urandom` (I use tcsh here (the carnivoro# prompt), but the same thing happens when testing with sh/bash/tcsh) In this situation, the shell tries to allocate enough memory to hold what it reads from /dev/urandom, because it must be passed as a command line argument to /bin/csh ( actually, any command will be ok ). So, the shell eats more and more memory (on my machine (3.4-STABLE) - 251 MB) before the kernel decided to take some action (like killing some processes... started by other users? system services? or... in my case... crash :). My friend said that he sent a mail to bugtraq describing this problem. Those who are interested can read it. I believe that the shells have a maximum command lenght, so... I'm trying now to make the shell use the same command lenght when expanding such commands. I think this is the best way to avoid this problem. Any ideas? Best regards: zethix What is worth doing is worth the trouble of asking somebody to do. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.000324183547.zethix>