Re: How to mount /proc/sys/fs/binfmt_misc ?

Colin Watson (cjw44@flatline.org.uk)
Mon, 19 Mar 2001 19:29:29 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Grover, Andrew: "RE: [CHECKER] 120 potential dereference to invalid pointers error"
Previous message: Tim Moore: "Re: UDMA 100 / PIIX4 question"
Next in thread: Richard Guenther: "Re: How to mount /proc/sys/fs/binfmt_misc ?"
Reply: Richard Guenther: "Re: How to mount /proc/sys/fs/binfmt_misc ?"

Alexander Viro <viro@math.psu.edu> wrote:
>Seriously, binfmt_misc.c was written in rather, erm, interesting C.
>Read it and you'll see. Just one (but rather impressive) example:
>
> if ((count == 1) && !(buffer[0] & ~('0' | '1'))) {
>
>It was meant to be
>
> if (count == 1 && (buffer[0] == '0' || buffer[0] == '1')) {
>
>and anyone who can't find the difference really should learn C. And
>that's not the only bogosity of such level. Besides, the thing is
>trivially oopsable - write() to any file in binfmt_misc with buffer
>pointing to unmapped kernel address and you are screwed,

Or you can register binfmt names that are registered already and
silently shadow old ones, or register names like 'register', 'status',
'.', and '..'. It's hideous to manage reliably from userspace.

-- 
Colin Watson                                     [cjw44@flatline.org.uk]
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Grover, Andrew: "RE: [CHECKER] 120 potential dereference to invalid pointers error"
Previous message: Tim Moore: "Re: UDMA 100 / PIIX4 question"
Next in thread: Richard Guenther: "Re: How to mount /proc/sys/fs/binfmt_misc ?"
Reply: Richard Guenther: "Re: How to mount /proc/sys/fs/binfmt_misc ?"