[Toybox] DEBUG + NORECURSE "mount" crash when not root
enh
enh at google.com
Wed Jan 20 20:32:44 PST 2016
actually, the NORECURSE doesn't appear to matter. just DEBUG appears
to be sufficient.
On Wed, Jan 20, 2016 at 8:27 PM, enh <enh at google.com> wrote:
> if i run "mount" as non-root, i get a crash here:
>
> } else if (CFG_TOYBOX_DEBUG && uid && which != toy_list)
> error_msg("Not installed suid root");
>
> because of a null pointer dereference here:
>
> void verror_msg(char *msg, int err, va_list va)
> {
> char *s = ": %s";
>
> fprintf(stderr, "%s: ", toys.which->name);
>
> here's the backtrace:
>
> 000000000000c7d8 verror_msg+72
> /proc/self/cwd/external/toybox/lib/lib.c:12
> 000000000000c914 error_msg+124
> /proc/self/cwd/external/toybox/lib/lib.c:27
> 000000000001011c toy_init+88
> /proc/self/cwd/external/toybox/main.c:112
> 0000000000010318 toy_exec+180
> /proc/self/cwd/external/toybox/main.c:143
> 000000000000fec4 toybox_main+36
> /proc/self/cwd/external/toybox/main.c:156
>
> time to merge your stacktop fix and revert the NORECURSE config, but i
> thought i'd report this anyway...
>
> --
> Elliott Hughes - http://who/enh - http://jessies.org/~enh/
> Android native code/tools questions? Mail me/drop by/add me as a reviewer.
--
Elliott Hughes - http://who/enh - http://jessies.org/~enh/
Android native code/tools questions? Mail me/drop by/add me as a reviewer.
More information about the Toybox
mailing list