GNU bug report logs - #37864
bug: env exec bomb (no hash bang arg)

Reported by: Michael Coleman <michael.karl.coleman <at> protonmail.com>

Date: Tue, 22 Oct 2019 04:48:02 UTC

Severity: normal

View this message in rfc822 format

From: Michael Coleman <michael.karl.coleman <at> protonmail.com>
To: 37864 <at> debbugs.gnu.org
Subject: bug#37864: bug: env exec bomb (no hash bang arg)
Date: Tue, 22 Oct 2019 02:13:13 +0000

[Message part 1 (text/plain, inline)]

One of my users unwittingly stumbled upon the most delightful 'env' bug.  It seems to be present in a couple of pretty recent distributions.

Try this:

----------------------------
#!/usr/bin/env
whatever
----------------------------

This results in an endless 'execve' recursion (if that's the word), pegging the CPU.

The preferred behavior would be something like a diagnostic, followed by immediate exit with an error result.

Regards,
Mike

[Message part 2 (text/html, inline)]

This bug report was last modified 5 years and 242 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #37864 bug: env exec bomb (no hash bang arg)

GNU bug report logs - #37864
bug: env exec bomb (no hash bang arg)