Re: [PATCH][RFC] invalid ELF binaries can execute - better sanitychecking

From: Adrian Bunk
Date: Thu Jan 22 2004 - 14:27:42 EST

Next message: Mikael Pettersson: "[PATCH][2.6] local APIC LVTT init bug"
Previous message: Pascal Schmidt: "[PATCH] make ide-cd handle non-2kB sector sizes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 09, 2004 at 09:20:53PM +0100, Maciej Zenczykowski wrote:
> > I know of the document, but thank you for pointing it out, it's quite an
> > interresting read. Actually, reading that exact document ages ago was what
> > initially caused me to start reading the ELF loading code (thinking
> > "there's got to be something wrong here").
> > I've actually been planning to use some of the crazy stunts he pulls
> > with that code as validity checks of the code I want to implement (in
> > adition to specially tailored test-cases ofcourse).
>
> I think this points to an 'issue', if we're going to increase the checks
> in the ELF-loader (and thus increase the size of the minimal valid ELF
> file we can load, thus effectively 'bloating' (lol) some programs) we
> should probably allow some sort of direct binary executable files [i.e.
> header 'XBIN386\0' followed by Read/Execute binary code to execute by
> mapping as RX at any offset and jumping to offset 8] to allow writing
> minimal executables. Minimalizing executables is useful for embedded
> systems, portable devices, floppy distributions and ramdisk/initrd
> situations. Sure many of these solve this problem by UPX compressing
> busybox/crunchbox one-file-many-executables files, but it would still be
> nice to be able to dump all the extra crud in some cases. Some of these
> distributions already contain non-standards conforming ELF files. I have a
> 933 byte less and a 305 byte strings command on my initrd (taken from some
>...

The best non-standards conforming ELF program I know is e3 [1] - a
10 kB Editor that supports Emacs-, Vi-, Pico-, Nedit- and Wordstar-like
key bindings. Additionally, it includes a numeric calculator.

> Cheers,
> MaZe.

cu
Adrian

[1] http://www.sax.de/~adlibit/

--

"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mikael Pettersson: "[PATCH][2.6] local APIC LVTT init bug"
Previous message: Pascal Schmidt: "[PATCH] make ide-cd handle non-2kB sector sizes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]