On 11/03/2017 08:37 PM, Kees Cook wrote:
> We don't. (In fact, arg copying happens before we've even figured out
> which binfmt is involved.) I lifted it to just before the point of no
> return, but moving it before arg copying looks very hard (which
> contributed to why we went with the implementation we did).
>
>> So it's pretty painful to make the limits different for suid and
>> non-suid binaries.
>
> I would agree.

I think I know what to implement for toybox now: xargs should trust
libc's sysconf() to provide the common-case starting limit (subtracting
env space) then implement the fallback pipe-from-child thing to
iteratively try half the argument list when that fails.

Elliott's even cc'd so he can update bionic's sysconf for the new 10 meg
thing from the title commit. :)

Rob
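
The strategy described in the message above, as an added example that is not toybox's code and not from anyone in this thread: start from sysconf(_SC_ARG_MAX) minus the environment, have the child report an exec failure to the parent over a close-on-exec pipe, and halve the batch when that failure is E2BIG. The names arg_budget, try_exec and run_batches are hypothetical, and counting one pointer plus the string and its NUL per entry is an assumed accounting.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
extern char **environ;
/* Added example, hypothetical names: ARG_MAX minus environment (assumed accounting). */
long arg_budget(void) {
    long max = sysconf(_SC_ARG_MAX), used = 0;  /* -1 (no limit known) gives 0 */
    for (char **e = environ; *e; e++) used += strlen(*e) + 1 + sizeof *e;
    return max > used ? max - used : 0;
}
/* Fork+exec argv; 0 if exec happened, else the errno the child piped back. */
int try_exec(char **argv) {
    int fds[2], err = 0;
    if (pipe(fds)) return errno;
    fcntl(fds[1], F_SETFD, FD_CLOEXEC);         /* a successful exec closes it */
    pid_t pid = fork();
    if (pid < 0) { err = errno; close(fds[0]); close(fds[1]); return err; }
    if (!pid) {                                 /* child */
        close(fds[0]); execvp(argv[0], argv);
        err = errno;                            /* only reached if exec failed */
        _exit(write(fds[1], &err, sizeof err) < 0 ? 126 : 127);
    }
    close(fds[1]);
    if (read(fds[0], &err, sizeof err) != sizeof err) err = 0;  /* EOF: exec ok */
    close(fds[0]); waitpid(pid, 0, 0);
    return err;
}
/* Batch by byte budget, halve the item cap on E2BIG; returns runs or -1. */
int run_batches(char *cmd, char **items, int n, long budget) {
    int done = 0, runs = 0, cap = n;
    while (done < n) {
        long take = 0, bytes = strlen(cmd) + 1 + 2 * sizeof(char *);
        for (; take < cap && done + take < n; take++) {
            bytes += strlen(items[done + take]) + 1 + sizeof(char *);
            if (bytes > budget && take) break;  /* always send at least one */
        }
        char *argv[take + 2];
        argv[0] = cmd; argv[take + 1] = 0;
        memcpy(argv + 1, items + done, take * sizeof *argv);
        int err = try_exec(argv);
        if (err == E2BIG && take > 1) { cap = take / 2; continue; }
        if (err) return -1;
        done += take; runs++;
    }
    return runs;
}
```

A single argument that the kernel rejects on its own still fails with -1, since a batch of one cannot be halved.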