Daniel Kamiński
Hi
I've tried to call execve using Kernel#syscall. Execve is 11 in my case
[i386], so I'm trying to call:
syscall(11, '/bin/true', ['true'].pack('p*') , ['X=1'].pack('p*'))
but it raises a Bad address (Errno::EFAULT) exception. I called it under
strace:
% strace -eexecve ruby -e "syscall(11, '/bin/true', ['true'].pack('p*')
, ['X=1'].pack('p*'))"
execve("/usr/bin/ruby", ["ruby", "-e", "syscall(11, \'/bin/true\',
[\'true\'"...], [/* 75 vars */]) = 0
execve("/bin/true", ["true"..., 0x4800, 0x6000000, 0x11, "\7!"...,
""..., 0x7000000, 0x49, "\7!"...,
"\310\261\371A\310\261\371A\320\261\371A\320\261\371A\330\261\371A\330\261\371A\340\261\371A\340\261\371A"...],
[/* 4 vars */]) = -1 EFAULT (Bad address)
-e:1:in `syscall': Bad address (Errno::EFAULT)
from -e:1
execve(2) man says:
EFAULT filename points outside your accessible address space.
Both execve traces differ: the second argument [the arguments array] in the
second execve doesn't look the same as in the first execve invocation;
it's longer, has additional values and ... [three dots] after strings,
suggesting they're in fact probably longer [I don't know strace
formatting rules well]. Is something wrong with the p* packing? Has anybody
tried calling execve in Ruby this way?