Security: A child process of an execv() family of functions may leak memory if a script is called.
When calling a bash script, the exit() call gets triggered but memory is never cleared.
I am suspecting that this is happening because the script is run in the current process space whereas when calling a binary the process changes for the child.
There are new status codes: F_child, F_child_not, F_parent, F_parent_not.
The execute functions do not know what type of file is being executed.
Return F_child for the child process and allow the caller to handle the exit behavior of the child process.
This required significant changes to the Featureless Make, but the Featureless Make now always clears memory even for scripts.
The firewall program also had to be changed.
Instead of solving the potential issues there, I decided to (for the time being) just mimic the previous behavior and call exit for the child process.
The firewall program needs a rewrite anyway, so I am holding off on major changes.
Refactor, cleanup, and improve the execute family of functions.
These were my original commit plans, but when I observed the memory leak, the refactor and cleanup became this security related commit.
As per cleanup plans:
- Moved common code into shared private functions.
- Change parameter checking granularity.
- Allow for 0 length strings as arguments.
- Avoid memory allocation inside execute functions.
- Consistently check WIFEXITED() on child process result.
- Update the documentation to follow more recent practices.
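
The pattern of handing a child status back to the caller, sketched in plain POSIX C as an added example (not code from this commit or project). The names run_program, RUN_CHILD, RUN_PARENT and RUN_FAILURE are hypothetical stand-ins for the F_child / F_parent idea, and the path is constructed so that execv() fails and the child branch is exercised.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical status codes, modelled on the F_child / F_parent idea. */
enum run_status { RUN_PARENT, RUN_CHILD, RUN_FAILURE };

/*
 * Fork and exec `path`.
 * Parent: waits, checks WIFEXITED(), stores the exit code, returns RUN_PARENT.
 * Child: regains control only when execv() returns (that is, when it failed);
 * it does not call exit() here but returns RUN_CHILD to the caller.
 */
static enum run_status run_program(const char *path, char *const argv[], int *code) {
  pid_t pid = fork();
  if (pid < 0) return RUN_FAILURE;

  if (pid == 0) {
    execv(path, argv);
    *code = 127; /* conventional "could not execute" exit code */
    return RUN_CHILD;
  }

  int result = 0;
  if (waitpid(pid, &result, 0) < 0) return RUN_FAILURE;
  *code = WIFEXITED(result) ? WEXITSTATUS(result) : -1;
  return RUN_PARENT;
}

int main(void) {
  char *buffer = malloc(64); /* stands in for heap state owned by the caller */
  if (!buffer) return 1;
  strcpy(buffer, "/nonexistent/constructed-path"); /* constructed sample path */
  char *const argv[] = { buffer, NULL };
  int code = 0;

  enum run_status status = run_program(buffer, argv, &code);
  free(buffer); /* cleanup runs in the parent and in the returned child */
  if (status == RUN_CHILD) _exit(code); /* the caller decides how the child exits */
  if (status == RUN_FAILURE) return 1;
  printf("child exit code: %d\n", code);
  return 0;
}
```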