Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S265413AbUAJWse (ORCPT ); Sat, 10 Jan 2004 17:48:34 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S265423AbUAJWsd (ORCPT ); Sat, 10 Jan 2004 17:48:33 -0500 Received: from [193.138.115.2] ([193.138.115.2]:50188 "HELO diftmgw.backbone.dif.dk") by vger.kernel.org with SMTP id S265413AbUAJWs1 (ORCPT ); Sat, 10 Jan 2004 17:48:27 -0500 Date: Sat, 10 Jan 2004 23:45:28 +0100 (CET) From: Jesper Juhl To: Maciej Zenczykowski cc: Valdis.Kletnieks@vt.edu, Andrew Morton , linux-kernel@vger.kernel.org Subject: Re: [PATCH][RFC] invalid ELF binaries can execute - better sanity checking In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1675 Lines: 40 On Sat, 10 Jan 2004, Maciej Zenczykowski wrote: > > Do you need smaller than this? : > ... > > That's a 100% valid ELF executable, and the entire program is 91 bytes.. > > Sure, it doesn't do much useful, and the ELF header and program header > > table is huge overhead compared to the actual program, but that overhead > > is minimal in any program that does any actual work. > > > > Also, I'm not planning to add anything that disallows anything the ELF > > spec allows, so you can still pull funny tricks like have sections overlap > > and in the above program put _start inside the unused padding bytes in > > e_ident[EI_PAD] if you want.. still a valid program, and not something > > that the checks I'm adding will prevent. > > > ... > > OK, if that 91 is OK, then no problem, I was thinking the minimum would be > around 1-2 KB (now that I think about it, not really sure why I assumed > that). I'm not mad enough to require/want shrinking from 90 to 45 > bytes :) especially since most useful programs have a little more meat to > them than the 80 bytes worth of header :) > If you have any small programs that you worry about and/or some programs that try to pull unusual (but valid) stunts, then I'd appreciate it if you'd help test out the patches I'm creating and verify that they don't cause any trouble - I already posted the first version of the patch to the list today and more will follow. -- Jesper Juhl - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/