Re: [gentoo-user] Cat a binary = system crash?

Thu, 08 May 2025 19:58:32 -0700 

On 5/8/25 10:12 PM, Mitchell Dorrell wrote:
> This is not a bug report and I'm not really seeking assistance, I'm just
> inviting discussion because... this shouldn't be able to happen, right?
> 
> Earlier today, I opened a terminal using urxvt, then initiated an SSH
> connection to a remote machine. On the remote machine, I ran a command
> roughly like this (but as a one-liner):
> 
> for d in path1 path2 path3; do
>   files=$(find $d -not -type d -exec readlink -f {} \; | sort -u);
>   for f in $files; do
>     cat $f | tr ' ' '\n' | pipe_through_sed_and_grep_etc;
>   done;
> done
> 
> ... which caused grep to mention finding some matches inside binary data
> via stdin. After (insufficiently) adding to the pipeline to filter the
> output down to just the matching strings, I added '-a' to the grep
> commands, hit enter, briefly saw some junk printed to the terminal, and
> then my screen went black and I noticed that my power LED was dark.
> 
> There are 468 null bytes in /var/log/messages at the crash time.
> 
> Neither urxvt, nor bash, nor ssh were running as root, and I'm pretty
> sure I had rebooted since my last @world update, so there shouldn't be
> any outdated libraries in play.
> 
> Userspace applications shouldn't be able to crash the system, right?


I would say that this is an almost fallacious way to look at things,
honestly. urxvt is a userspace application, so it "can't" crash the
system, no matter what I do with it... right? Even if I run `sudo
/usr/sbin/crashsystem`, it's running in a userspace application, what
can it do really?

Userspace applications have to make use of kernel facilities for
everything they do, such as displaying graphics on the screen. A
not-entirely-uncommon cause of system crashes is bugs being triggered in
a GPU driver.

That's deeply trusted code running at a higher permission level than
merely sudo. Of course, it "should" be designed to not mishandle bad
data, and for the most part, they do a good job at that. But things
happen. It's a valid possibility. :)


-- 
Eli Schwartz

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

Reply via email to