Closed RiscInside closed 2 years ago
Is there a reason you prefer to forward the interpreter
path to execve instead of directly calling the interpreter
elf binary? The reason I'm asking because execve() -> Interpreter scripts is doing exactly this.
I'm slightly reluctant with execve-ing inside sabre because it is just another layer of complexity for debugging with gdb.
Initially, I thought that shebangs can pass arbitrarily many command-line arguments, so I decided to call into execve to avoid moving the entire stack frame. Now I know that there can be at most two additional arguments introduced by the shebang line (interpreter path + optional argument), so I can change it to rewriting the frame instead
I see. That's a good point. Actually then it is indeed better to call execve! I'll add some small comments in your code soon and then we can merge 🚀.
I changed it to not call execve since there is always enough room in the argv array for two more arguments
Thanks for your contribution @RiscInside! I'll slightly refactor the code and add a couple of LIT tests.
SaBRe will now detect if the client it runs is in fact a script. In this case, SaBRe will parse the shebang line, obtain the name of the interpreter (+ an optional argument), and restart SaBRe with modified args using execve. The limit on the shebang length is obtained from
<linux/binfmts.h>
.handle_shebang
does not try to check if the interpreter is in fact an ELF file. Otherwise,handle_shebang
tries to match the handling of shebangs on Linux.