This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH v2 0/3] posix: Execute file function fixes


On 02/19/2016 03:11 PM, Joseph Myers wrote:
> This is a case where, as noted in
> <https://sourceware.org/ml/libc-alpha/2016-02/msg00044.html>, the stack
> usage is proportional to the number of arguments passed by the caller -
> that is, it's something determined statically at compile time, not under
> the control of an attacker.

True, and that removes most of my objection to the change to execl, execle, and execlp. This limitation should be documented, though. (I still like the idea of reusing the stack and removing the limitation, but that's lower priority.)

However, the objection remains for posix_spawn and posix_spawnp, where the number of arguments is not determined statically. Luckily these two functions do not need to be async-signal-safe, so they can call malloc when there are too many arguments.
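
The stack-or-malloc fallback suggested above for argument vectors whose length is only known at run time, as an added example that is not part of the original message and is not glibc's code. `STACK_SLOTS`, `needs_heap`, `with_prefixed_argv`, `count_entries` and `demo` are hypothetical names, and the `/bin/sh` prefix and the dummy arguments are constructed input; because it calls the allocator, this pattern only fits functions that need not be async-signal-safe.

```c
#include <stdio.h>
#include <stdlib.h>

#define STACK_SLOTS 64 /* assumed cut-off, not a glibc constant */
typedef int (*argv_fn)(char *const argv[]); /* hypothetical stand-in for the exec step */
int needs_heap(size_t slots) { return slots > STACK_SLOTS; }

/* Build {prefix, argv[0], ..., NULL} and pass it to fn. The caller decides the
   length of argv at run time, so only short vectors are placed on the stack. */
int with_prefixed_argv(char *prefix, char *const argv[], argv_fn fn) {
    size_t argc = 0;
    while (argv[argc] != NULL)
        argc++;
    size_t slots = argc + 2; /* prefix + arguments + NULL */
    char *on_stack[STACK_SLOTS];
    char **vec = on_stack;
    /* calloc also rejects a slots * size product that would wrap. */
    if (needs_heap(slots) && (vec = calloc(slots, sizeof *vec)) == NULL)
        return -1;
    vec[0] = prefix;
    for (size_t i = 0; i < argc; i++)
        vec[i + 1] = argv[i];
    vec[slots - 1] = NULL;
    int rc = fn(vec);
    if (vec != on_stack)
        free(vec);
    return rc;
}

int count_entries(char *const argv[]) { /* sample consumer: counts what it got */
    int n = 0;
    while (argv[n] != NULL)
        n++;
    return n;
}

int demo(size_t n) { /* constructed input: n dummy arguments */
    static char arg[] = "arg", sh[] = "/bin/sh";
    char **argv = calloc(n + 1, sizeof *argv); /* last slot stays NULL */
    if (argv == NULL)
        return -1;
    for (size_t i = 0; i < n; i++)
        argv[i] = arg;
    int rc = with_prefixed_argv(sh, argv, count_entries);
    free(argv);
    return rc;
}

int main(void) { printf("%d %d\n", demo(3), demo(1000)); return 0; }
```

Stack use in `with_prefixed_argv` is bounded by `STACK_SLOTS` pointers however many arguments the caller supplies; longer vectors are served from the heap and released before returning.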

