From owner-freebsd-bugs@FreeBSD.ORG  Sun Mar  6 22:57:06 2011
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CBC561065672;
	Sun,  6 Mar 2011 22:57:06 +0000 (UTC)
	(envelope-from devon.odell@gmail.com)
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50])
	by mx1.freebsd.org (Postfix) with ESMTP id 35E368FC1A;
	Sun,  6 Mar 2011 22:57:05 +0000 (UTC)
Received: by wwb31 with SMTP id 31so4785416wwb.31
	for <multiple recipients>; Sun, 06 Mar 2011 14:57:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type
	:content-transfer-encoding;
	bh=XnIUOCPEDOVXIdJsaoorXkI9YSSwfXALZX8vw4MJ61s=;
	b=w6CF4BujXIGUyGMSddzCG3uDzm4chBSoOXnhoVSIo/JJw1FWg9piewg+ig5o0UeNut
	41WdV/onY4Wd6mgnHRkR+z2UGc7yXBas0SjTq6QUnZ6k2hWtmh8ucPq+1PNFBFV1ysVJ
	SODFD64gXo0COKON7y6Muf/2UL5ff84P3zEp0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	b=Y2xEEZaGSEKE355iYhIXl3D8c4olZwpY2bkOsXf3ucwgbPf+7/SVoJ1IqMYV0SftlP
	Y10lxx4/k+sOlMfGrhWsCHmVkGF3pXcBiIQBS2W/DRcp+MOXta11uWfwGkd4bKcd27ok
	CK5rfQKyMKTWv77Oo0mX1esrydWpkDLzJYlIk=
MIME-Version: 1.0
Received: by 10.216.120.193 with SMTP id p43mr2641341weh.92.1299452225147;
	Sun, 06 Mar 2011 14:57:05 -0800 (PST)
Received: by 10.216.183.13 with HTTP; Sun, 6 Mar 2011 14:57:05 -0800 (PST)
In-Reply-To: <AANLkTi=dUkneFhOMh_R6d7jS1og32xrBGo=+_LjedgHL@mail.gmail.com>
References: <201103061956.p26JutYe064887@red.freebsd.org>
	<201103062000.p26K0InG097407@freefall.freebsd.org>
	<AANLkTinQqtBD1ANhjs6P3gb5EJL4MhPUcLiPfo+mpNEX@mail.gmail.com>
	<AANLkTi=dUkneFhOMh_R6d7jS1og32xrBGo=+_LjedgHL@mail.gmail.com>
Date: Sun, 6 Mar 2011 17:57:05 -0500
Message-ID: <AANLkTi=MCLXuSH5b_4chfMjsCjyudV6-82-C0FvzKG8U@mail.gmail.com>
From: "Devon H. O'Dell" <devon.odell@gmail.com>
To: Oliver Pinter <oliver.pntr@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-bugs@freebsd.org, FreeBSD-gnats-submit@freebsd.org
Subject: Re: kern/155321: imgact_shell integer underflow when argv[0] is
 longer than interp + path
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Mar 2011 22:57:06 -0000

Yeah, this has been a bug for quite some time.

--dho

2011/3/6 Oliver Pinter <oliver.pntr@gmail.com>:
> under 7.4 exist too this problem
>
> XXX@XXX test> gcc execve.c
> XXX@XXX test> cp /bin/ls .
> XXX@XXX test> ./a.out ls /tmp/test/ls
> a.out =A0 =A0 =A0 =A0 =A0 execve.c =A0 =A0 =A0 =A0ls =A0 =A0 =A0 =A0 =A0 =
=A0 =A0shellscript
> XXX@XXX test> ./a.out shellscript asdf
> shellscript
> XXX@XXX test> ./a.out shellscript /tmp/test/
> a.out* =A0 =A0 =A0 execve.c =A0 =A0 ls* =A0 =A0 =A0 =A0 =A0shellscript*
> XXX@XXX test> ./a.out shellscript /tmp/test/ls
> shellscript
> XXX@XXX test> ./a.out shellscript /tmp/test/shellscript
> shellscript
> XXX@XXX test> ./a.out shellscript /bin/echo-shellscript
> shellscript
> XXX@XXX test> ./a.out shellscript /bin/echo-shellscript1
> execve: Argument list too long
> XXX@XXX test> uname -a
> FreeBSD XXX 7.4-STABLE FreeBSD 7.4-STABLE #71 r219301+472ccf9: Sun Mar
> =A06 19:16:46 CET 2011 =A0 =A0 XXX@XXX:/usr/obj/usr/src/sys/stable =A0amd=
64
>
>
> On 3/6/11, Devon H. O'Dell <devon.odell@gmail.com> wrote:
>> Actually, kib@ points out that this isn't quite correct; the correct
>> fix should indeed be a 1-liner, attached.
>>
>> --dho
>>
>