[Toybox] DEBUG + NORECURSE "mount" crash when not root
enh
enh at google.com
Fri Jan 22 22:31:16 PST 2016
my work-around for now is to disable CFG_TOYBOX_DEBUG and use
CFG_TOYBOX_ON_ANDROID || CFG_TOYBOX_DEBUG to control the memset in ls:
https://android-review.googlesource.com/#/c/197530/ (click on the file
names to see the diffs.)
On Wed, Jan 20, 2016 at 8:32 PM, enh <enh at google.com> wrote:
> actually, the NORECURSE doesn't appear to matter. just DEBUG appears
> to be sufficient.
>
> On Wed, Jan 20, 2016 at 8:27 PM, enh <enh at google.com> wrote:
>> if i run "mount" as non-root, i get a crash here:
>>
>> } else if (CFG_TOYBOX_DEBUG && uid && which != toy_list)
>> error_msg("Not installed suid root");
>>
>> because of a null pointer dereference here:
>>
>> void verror_msg(char *msg, int err, va_list va)
>> {
>> char *s = ": %s";
>>
>> fprintf(stderr, "%s: ", toys.which->name);
>>
>> here's the backtrace:
>>
>> 000000000000c7d8 verror_msg+72
>> /proc/self/cwd/external/toybox/lib/lib.c:12
>> 000000000000c914 error_msg+124
>> /proc/self/cwd/external/toybox/lib/lib.c:27
>> 000000000001011c toy_init+88
>> /proc/self/cwd/external/toybox/main.c:112
>> 0000000000010318 toy_exec+180
>> /proc/self/cwd/external/toybox/main.c:143
>> 000000000000fec4 toybox_main+36
>> /proc/self/cwd/external/toybox/main.c:156
>>
>> time to merge your stacktop fix and revert the NORECURSE config, but i
>> thought i'd report this anyway...
>>
>> --
>> Elliott Hughes - http://who/enh - http://jessies.org/~enh/
>> Android native code/tools questions? Mail me/drop by/add me as a reviewer.
>
>
>
> --
> Elliott Hughes - http://who/enh - http://jessies.org/~enh/
> Android native code/tools questions? Mail me/drop by/add me as a reviewer.
--
Elliott Hughes - http://who/enh - http://jessies.org/~enh/
Android native code/tools questions? Mail me/drop by/add me as a reviewer.
More information about the Toybox
mailing list