Re: [PATCH][RFC] invalid ELF binaries can execute - better sanitychecking

From: Adrian Bunk (bunk_at_fs.tum.de)
Date: 01/22/04

  • Next message: Pascal Schmidt: "[PATCH] make ide-cd handle non-2kB sector sizes" 
    Date:	Thu, 22 Jan 2004 20:24:01 +0100
To: Maciej Zenczykowski <maze@cela.pl>

    On Fri, Jan 09, 2004 at 09:20:53PM +0100, Maciej Zenczykowski wrote:
    > > I know of the document, but thank you for pointing it out, it's quite an
    > > interresting read. Actually, reading that exact document ages ago was what
    > > initially caused me to start reading the ELF loading code (thinking
    > > "there's got to be something wrong here").
    > > I've actually been planning to use some of the crazy stunts he pulls
    > > with that code as validity checks of the code I want to implement (in
    > > adition to specially tailored test-cases ofcourse).
    >
    > I think this points to an 'issue', if we're going to increase the checks
    > in the ELF-loader (and thus increase the size of the minimal valid ELF
    > file we can load, thus effectively 'bloating' (lol) some programs) we
    > should probably allow some sort of direct binary executable files [i.e.
    > header 'XBIN386\0' followed by Read/Execute binary code to execute by
    > mapping as RX at any offset and jumping to offset 8] to allow writing
    > minimal executables. Minimalizing executables is useful for embedded
    > systems, portable devices, floppy distributions and ramdisk/initrd
    > situations. Sure many of these solve this problem by UPX compressing
    > busybox/crunchbox one-file-many-executables files, but it would still be
    > nice to be able to dump all the extra crud in some cases. Some of these
    > distributions already contain non-standards conforming ELF files. I have a
    > 933 byte less and a 305 byte strings command on my initrd (taken from some
    >...

    The best non-standards conforming ELF program I know is e3 [1] - a
    10 kB Editor that supports Emacs-, Vi-, Pico-, Nedit- and Wordstar-like
    key bindings. Additionally, it includes a numeric calculator.

    > Cheers,
    > MaZe.

    cu
    Adrian

    [1] http://www.sax.de/~adlibit/ 

    -- 
       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
  • Next message: Pascal Schmidt: "[PATCH] make ide-cd handle non-2kB sector sizes"