Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp4826152rwl; Wed, 28 Dec 2022 09:17:55 -0800 (PST) X-Google-Smtp-Source: AMrXdXt5mBEWEGryBZpSsDPHvJ5lieSIKCxUO0+/La4gWx7yPKcLbCSp/Q9eUhuKPQsZbnJRkUBv X-Received: by 2002:a17:902:c94b:b0:189:76ef:e112 with SMTP id i11-20020a170902c94b00b0018976efe112mr35179725pla.41.1672247874987; Wed, 28 Dec 2022 09:17:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1672247874; cv=none; d=google.com; s=arc-20160816; b=WU3jeFmWgvxwlRrOC3OrR23aQavF8rXHRvASkDSYwu/Hl465OioT4VZg7L4kHkcQIj rZ/X36o56rQsy9vE87kOA1Cxqjx77uEEQQqX1piwoCiHanzxNOH6+p9sUeP6XGNn0Y3N qOIkqAcw47+yAXUudjf52FRj6V64UKKi4LiNlOKDGKs9V/Fsr54Lyg4KUMC+WfStgo0K yz9l1T+tK1Sipm6eOyYfkcACJI8iqHuElTdjiNU9O+aiwfcX6JqOLNLsNM8/JDaYwunC JHw6vcQEV6KVd0PQPYxhzM7id02KB8SKQDkLEJAA0MkTQIjDLluOMARtDWFXbVOvsS/o Jz+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:feedback-id :dkim-signature:dkim-signature; bh=kNEXh77+6wY23ZdF9C0dJh8nBDvRVsFvdpp9oNCrBQA=; b=TbprBT26UIgseh5X7J/7gqdTL9fXgJuNg84QoNduXWTvs4nXShnV+kp9mnZ6Mjeo3F Z79qrMDTqsXKLJaT2XCePq3JSPCCsVesJWIg14Vkdv3jf1Lvf1BcmWFb2WKIFCc1lx6u cdxzeYkKgphhGcdX2EK3p5dHjtUf61EWJOZ33YnmSm8Cm0a0Gw9oFXcUayVpIKjRQgto 5s6cl6ge9Asx01ijX6ua6tYGOsIC2vB3CfsqPC4xIFMU4qihvS0ePlS7dgMjdVyrZ17p eu23+p+NH13f/IkiNbKVNDLQC+sihTNPh64RboiaHNdp1c4wutGblIgtcbFuq6pWZApk dHdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm2 header.b=TQXrNMCJ; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=Cm3M6SLA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c5-20020a170902c1c500b0018537cc29f9si16126208plc.15.2022.12.28.09.17.46; Wed, 28 Dec 2022 09:17:54 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm2 header.b=TQXrNMCJ; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=Cm3M6SLA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235015AbiL1QxX (ORCPT + 63 others); Wed, 28 Dec 2022 11:53:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43234 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235210AbiL1Qwp (ORCPT ); Wed, 28 Dec 2022 11:52:45 -0500 Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5A26C1D0E4; Wed, 28 Dec 2022 08:47:32 -0800 (PST) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id CA0A25C0197; Wed, 28 Dec 2022 11:47:31 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Wed, 28 Dec 2022 11:47:31 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; t=1672246051; x= 1672332451; bh=kNEXh77+6wY23ZdF9C0dJh8nBDvRVsFvdpp9oNCrBQA=; b=T QXrNMCJuy72Qyz8a+hAKaJwHniwj+t/33+MUy98/s1jDMTK9TnCzM9PVH7veOxl2 abNE3E53WEtzhRFn7rTT9+Nbgu/M2xZoSF3rdWbmlOHBI4tX4vCYEAqZliAn1dQX b3DLhKblswviltyAS+uGGNBV7eutuEOO6RfrmKlnPPEILM9rzuEK3isQaqGlz73u Pg1NwXRVhOaZS10FIPHtlhisbPSzMrQoYsVUwCFqBXHlNzoAhuJk2PnirM4UggJv faeCH6SJmNKSn5mNjjccthJNR0gUvd2zRE8elqKu8aN0dhaAxITW4VJrIbN7FMmf BlbulI98MbufWDvXO994Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1672246051; x=1672332451; bh=kNEXh77+6wY23ZdF9C0dJh8nBDvR VsFvdpp9oNCrBQA=; b=Cm3M6SLAGROnguwnqsMb5REVOQ5WnIndpxqFT1cV0p3B mKlBHKOQzSbGx75r3ZjcNXq9csWpffkW/wAsaXGvTA5IBcHl+4/zzIqVob25kGvn 1QekDtW1wM6jF8QwtEBYieJQV0LHIFcCBpabqKU5ntSWNc37jVZVmJi52ZCuyKqk RDh70r7a82gAAMQa1nLUT509oaZ5sb5DsvRznmAtfHlAfBZRlv0hE9LMUBlKLIf3 WihKESlR30cejoaJNZB9wsrDERj1rc9z60hqSwoYc3g9BhBZI6NFOA2oSUGtY+p8 EVeKXDQJtcKuT9IUdLSPkn4o0vasjacDpW3//t8DJg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedriedvgdelgecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepfffhvfevuffkfhggtggujgesghdtre ertddtvdenucfhrhhomhepffgvmhhiucforghrihgvucfqsggvnhhouhhruceouggvmhhi sehinhhvihhsihgslhgvthhhihhnghhslhgrsgdrtghomheqnecuggftrfgrthhtvghrnh epudeileefueetvdelheeuteffjeegjeegffekleevueelueekjeejudffteejkeetnecu vehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepuggvmhhise hinhhvihhsihgslhgvthhhihhnghhslhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 28 Dec 2022 11:47:30 -0500 (EST) Date: Wed, 28 Dec 2022 11:47:25 -0500 From: Demi Marie Obenour To: oss-security@lists.openwall.com Cc: Alejandro Colomar , Michael Kerrisk , linux-kernel@vger.kernel.org, linux-man@vger.kernel.org Subject: Re: [oss-security] [patch] proc.5: tell how to parse /proc/*/stat correctly Message-ID: References: <1a1963aa1036ba07@orthanc.ca> <20221228152458.6xyksrxunukjrtzx@mutt-hbsd> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="r4azVG4BR9kBokFk" Content-Disposition: inline In-Reply-To: <20221228152458.6xyksrxunukjrtzx@mutt-hbsd> X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --r4azVG4BR9kBokFk Content-Type: text/plain; protected-headers=v1; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Date: Wed, 28 Dec 2022 11:47:25 -0500 From: Demi Marie Obenour To: oss-security@lists.openwall.com Cc: Alejandro Colomar , Michael Kerrisk , linux-kernel@vger.kernel.org, linux-man@vger.kernel.org Subject: Re: [oss-security] [patch] proc.5: tell how to parse /proc/*/stat correctly On Wed, Dec 28, 2022 at 10:24:58AM -0500, Shawn Webb wrote: > On Tue, Dec 27, 2022 at 04:44:49PM -0800, Lyndon Nerenberg (VE7TFX/VE6BBM= ) wrote: > > Dominique Martinet writes: > >=20 > > > But, really, I just don't see how this can practically be said to be = parsable... > >=20 > > In its current form it never will be. The solution is to place > > this variable-length field last. Then you can "cut -d ' ' -f 51-" > > to get the command+args part (assuming I counted all those fields > > correctly ...) > >=20 > > Of course, this breaks backwards compatability. >=20 > It would also break forwards compatibility in the case new fields > needed to be added. >=20 > The only solution would be a libxo-style feature wherein a > machine-parseable format is exposed by virtue of a file extension. >=20 > Examples: >=20 > 1. /proc/pid/stats.json > 2. /proc/pid/stats.xml > 3. /proc/pid/stats.yaml_shouldnt_be_a_thing A binary format would be even better. No risk of ambiguity. --=20 Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab --r4azVG4BR9kBokFk Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmOscyIACgkQsoi1X/+c IsHnOA//fT6cVIE4FIMywkI+AqPhk9XiChwWd7FjC1AvRuFHtzRVeZKbsQm5+TvP zsyVq80XH79nYyCvOdjUsU6ItgvLFssJhLrgLHsLZLgOBF6aCjcKTGQ/Gt6yksqG SYEf2mU5CDAvHiqqimYruOHU7I+4KLozQpk1zhOkb2YyVcl9Jwc6ia4k7p6Fffdi K/W851sXSQ4MHRGwu3Acwu014W0OgwCji/0UeFIhktSMMyi/sOQrs9F/hfsCty+q F1pCWeclNXERprw5653z5ujLGEUgD4eUX+DLoqxJ1oYQz0MvMITWISSZ8Q1lnPM+ xpaZZTF2cJG6IF0hBuMWqqudaOvfqKYlyXU2c92FyBKsVruaj1e7WDco60p4iFvX rxaPlMsRUYeMYjWdO9Uvhz1GcygbI4eBdQk6+XCNX+jvCHAG2TtKtda5fPa5r2mt wpfni8qiaGDJQybqsDqjAjjRlN+AgXQJYYK+GFDXCd7B6qdxpOGSJaTUmjw3Mf+6 vykA7kPEX2MrF2WCben6ve6pvUKQYI3NjjWUd+R1IDnnFrFMJiC7MdKgaRF2jN/1 x7w+U7oj6VngCGRWcwlbx01/BTkhJT1AvKF4wjCxffaG7OS9JYlOLfERAZTiXjMh PlHFUvAsRpTaqXdVVT3/f4WvXlFMGB7jydW9E/PX1Qd3YZHaOUo= =ujCS -----END PGP SIGNATURE----- --r4azVG4BR9kBokFk--