Closed RiscInside closed 2 years ago
andronat
commented
2 years ago Is there a reason you prefer to forward the interpreter path to execve instead of directly calling the interpreter elf binary? The reason I'm asking because execve() -> Interpreter scripts is doing exactly this.
I'm slightly reluctant with execve-ing inside sabre because it is just another layer of complexity for debugging with gdb.
RiscInside
commented
2 years ago Initially, I thought that shebangs can pass arbitrarily many command-line arguments, so I decided to call into execve to avoid moving the entire stack frame. Now I know that there can be at most two additional arguments introduced by the shebang line (interpreter path + optional argument), so I can change it to rewriting the frame instead
andronat
commented
2 years ago I see. That's a good point. Actually then it is indeed better to call execve! I'll add some small comments in your code soon and then we can merge 🚀.
RiscInside
commented
2 years ago I changed it to not call execve since there is always enough room in the argv array for two more arguments
andronat
commented
2 years ago Thanks for your contribution @RiscInside! I'll slightly refactor the code and add a couple of LIT tests.
SaBRe will now detect if the client it runs is in fact a script. In this case, SaBRe will parse the shebang line, obtain the name of the interpreter (+ an optional argument), and restart SaBRe with modified args using execve. The limit on the shebang length is obtained from
<linux/binfmts.h>.handle_shebangdoes not try to check if the interpreter is in fact an ELF file. Otherwise,handle_shebangtries to match the handling of shebangs on Linux.