Bug#970460: qemu-user: trashes argv[0] breaking multi-call binaries

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#970460: qemu-user: trashes argv[0] breaking multi-call binaries
From: Thorsten Glaser <tg@mirbsd.de>
Date: Wed, 16 Sep 2020 18:55:27 +0200
Message-id: <[🔎] 160027532771.14344.11201138232063576732.reportbug@tglase-nb.lan.tarent.de>
Reply-to: Thorsten Glaser <tg@mirbsd.de>, 970460@bugs.debian.org

Package: qemu-user
Version: 1:5.1+dfsg-4
Severity: important
X-Debbugs-Cc: tg@mirbsd.de, debian-68k@lists.debian.org

I’m attaching a test program that does the following:

• if argv[1] is "-" it just outputs argv[0] and argv[1]
• otherwise it also execve(2)s argv[1] with its argv[0] set to "meow"

I’ve installed the extra packages:
• gcc-arm-linux-gnueabi
• libc6-dev-armel-cross


tglase@tglase-nb:~ $ gcc -Wall -Wextra -o native tst.c
1|tglase@tglase-nb:~ $ ./native ./native
argv[0]: ./native
argv[1]: ./native
calling...
argv[0]: meow
argv[1]: -
not calling
tglase@tglase-nb:~ $ arm-linux-gnueabi-gcc -o cross tst.c -static
tglase@tglase-nb:~ $ ./cross ./cross
argv[0]: ./cross
argv[1]: ./cross
calling...
argv[0]: ./cross
argv[1]: -
not calling
tglase@tglase-nb:~ $ ./cross ./native
argv[0]: ./cross
argv[1]: ./native
calling...
argv[0]: meow
argv[1]: -
not calling
tglase@tglase-nb:~ $ ./native ./cross
argv[0]: ./native
argv[1]: ./cross
calling...
argv[0]: ./cross
argv[1]: -
not calling


As you can see, if the callee of an exec is a qemu-user target,
argv[0] is trashed.

This, among other things, makes qemu-user-static-based buildds unworkable.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'oldstable-updates'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.7.0-2-amd64 (SMP w/2 CPU threads)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages qemu-user depends on:
ii  libc6         2.31-3
ii  libcapstone3  4.0.1+really+3.0.5-2
ii  libgcc-s1     10.2.0-7
ii  libglib2.0-0  2.66.0-1
ii  libgnutls30   3.6.15-2
ii  libstdc++6    10.2.0-7
ii  zlib1g        1:1.2.11.dfsg-2

Versions of packages qemu-user recommends:
ii  qemu-user-static [qemu-user-binfmt]  1:5.1+dfsg-4

Versions of packages qemu-user suggests:
ii  sudo  1.9.1-2

-- no debconf information

#include <err.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

int
main(int argc, char *argv[], char *envp[])
{
	char *newargv[3];

	if (argc != 2) {
		fprintf(stderr, "usage: %s <program-to-call>\n", argv[0]);
		return (1);
	}

	printf("argv[%d]: %s\n", 0, argv[0]);
	printf("argv[%d]: %s\n", 1, argv[1]);

	if (strcmp(argv[1], "-") != 0) {
		printf("calling...\n");
		newargv[0] = "meow";
		newargv[1] = "-";
		newargv[2] = NULL;
		execve(argv[1], newargv, envp);
		err(1, "exec");
	}
	printf("not calling\n");
	return (0);
}

Reply to:

Follow-Ups:
- Re: Bug#970460: qemu-user: trashes argv[0] breaking multi-call binaries
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>

Prev by Date: Re: Bug#970353: mksh: Ignores "nocheck" in DEB_BUILD_OPTIONS
Next by Date: Re: Bug#970460: qemu-user: trashes argv[0] breaking multi-call binaries
Previous by thread: Re: m68k developer chat 25th September - EmuTOS release 1.0 - Presentation and Discussion
Next by thread: Re: Bug#970460: qemu-user: trashes argv[0] breaking multi-call binaries
Index(es):
- Date
- Thread