This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH v2 5/5] posix: Use posix_spawn for wordexp
- From: Carlos O'Donell <carlos at redhat dot com>
- To: Florian Weimer <fweimer at redhat dot com>, Adhemerval Zanella <adhemerval dot zanella at linaro dot org>
- Cc: libc-alpha at sourceware dot org
- Date: Mon, 7 Oct 2019 17:04:24 -0400
- Subject: Re: [PATCH v2 5/5] posix: Use posix_spawn for wordexp
- References: <20190731183136.21545-1-adhemerval.zanella@linaro.org> <20190731183136.21545-5-adhemerval.zanella@linaro.org> <87d0f8e4fu.fsf@oldenburg2.str.redhat.com>
On 10/7/19 3:33 PM, Florian Weimer wrote:
> * Adhemerval Zanella:
>
>> diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
>> index 10a0768a6b..ef780b0a65 100644
>> --- a/posix/wordexp-test.c
>> +++ b/posix/wordexp-test.c
>
>> -/* For each fork increment the fork count. */
>> -static void
>> -register_fork (void)
>> -{
>> - registered_forks++;
>> -}
>
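Review bot: removing register_fork and its registered_forks++ counter, with no replacement in this hunk, leaves the test without any way to observe process creation, and that counter is what the "For each fork increment the fork count" check relied on. Keep an equivalent assertion in the test before dropping this function, for example the Linux PID-namespace check proposed in this thread, so that a child being created under WRDE_NOCMD still fails the test.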
> It's a bit sad to see this testing go away. It was originally added to
> catch command execution with WRDE_NOCMD.
>
> On Linux, could you enter a PID namespace instead and check that the
> next PID has the expected value?
>
> Carlos, you added this testing. Do you have an opinion here?
We should not regress testing WRDE_NOCMD, because doing so is what
led to CVE-2014-7817 :-(

We should expend some effort here to provide robust testing for
WRDE_NOCMD.

All 3 tests I added rely on registered_forks testing to verify
correct operation of WRDE_NOCMD.

Is there anything we can do about this, Adhemerval?
--
Cheers,
Carlos.
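
An added example, not code from this thread or from glibc's test suite: a WRDE_NOCMD check that does not depend on fork handlers and instead looks for a side effect of the command. The marker-file technique, the helper name count_nocmd_violations, the scratch path and the three inputs are assumptions constructed for this example.

```c
#define _DEFAULT_SOURCE /* for mkdtemp */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <wordexp.h>

/* Constructed inputs: three syntactic forms of command substitution,
   split around the marker path that the command would create.  */
static const char *const forms[][2] = {
  { "$(touch ", ")" },
  { "`touch ", "`" },
  { "$((1+$(touch ", ")))" },
};

/* Hypothetical helper: returns how many inputs violated WRDE_NOCMD, i.e.
   wordexp reported success or the marker file appeared (a command ran).
   Returns -1 if the scratch directory cannot be created.  */
int
count_nocmd_violations (void)
{
  char dir[] = "/tmp/wrde-nocmd-XXXXXX";
  char marker[64], words[160];
  int violations = 0;

  if (mkdtemp (dir) == NULL)
    return -1;
  snprintf (marker, sizeof marker, "%s/ran", dir);
  for (size_t i = 0; i < sizeof forms / sizeof forms[0]; i++)
    {
      wordexp_t we;
      snprintf (words, sizeof words, "%s%s%s", forms[i][0], marker, forms[i][1]);
      int rc = wordexp (words, &we, WRDE_NOCMD);
      if (rc == 0)
        wordfree (&we);
      int ran = access (marker, F_OK) == 0;
      if (rc == 0 || ran)
        {
          printf ("FAIL: %s (rc=%d, ran=%d)\n", words, rc, ran);
          violations++;
        }
      unlink (marker);
    }
  rmdir (dir);
  return violations;
}

int main (void) { return count_nocmd_violations () != 0; }
```

This catches a command that actually runs, but not a child that is created and exits before producing the side effect, which fork counting or the PID-namespace check discussed above would also catch.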