From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dave@ramenlabs.com>
X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on yquem.inria.fr
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=disabled 
	version=3.1.3
Received: from mail1-relais-roc.national.inria.fr (mail1-relais-roc.national.inria.fr [192.134.164.82])
	by yquem.inria.fr (Postfix) with ESMTP id AC049BB84
	for <caml-list@yquem.inria.fr>; Fri, 10 Oct 2008 22:11:26 +0200 (CEST)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ApoEADtT70jOe3NG/2dsb2JhbAC9GYFs
X-IronPort-AV: E=Sophos;i="4.33,391,1220220000"; 
   d="scan'208";a="18566367"
Received: from spoomusic.com ([206.123.115.70])
  by mail1-smtp-roc.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-SHA; 10 Oct 2008 22:11:26 +0200
Received: (qmail 32068 invoked by uid 89); 10 Oct 2008 20:11:24 -0000
Received: from localhost (127.0.0.1)
  by 0 with ESMTPS (DHE-RSA-AES256-SHA encrypted); 10 Oct 2008 20:11:24 -0000
Date: Fri, 10 Oct 2008 13:11:24 -0700 (MST)
From: Dave Benjamin <dave@ramenlabs.com>
X-X-Sender: ramen@spoomusic.com
To: Jason Noakes <jjnoakes@gmail.com>
Cc: caml-list@yquem.inria.fr
Subject: Re: [Caml-list] Writing to argv[0]
In-Reply-To: <1944.69.121.99.207.1223664496.squirrel@greatnorthern.org>
Message-ID: <alpine.DEB.2.00.0810101306520.22849@spoomusic.com>
References: <48EE22B0.3090404@ramenlabs.com> <48EE23BF.3080300@starynkevitch.net> <48EEDFE5.8080706@ramenlabs.com> <48EF57F0.6000203@ramenlabs.com> <1944.69.121.99.207.1223664496.squirrel@greatnorthern.org>
User-Agent: Alpine 2.00 (DEB 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Spam: no; 0.00; argv:01 moderately:01 wrote:01 unix:01 caml-list:01 benjamin:01 argument:02 argument:02 bounds:02 bounds:02 checking:02 checking:02 string:02 unit:03 fri:05 

On Fri, 10 Oct 2008, Jason Noakes wrote:

> Just be careful with that. You are copying over memory and you also 
> aren't doing any bounds checking. A long enough "Proctitle.setproctitle" 
> argument will corrupt your process.

Good point. Even a moderately long argument will corrupt the environment:

# Proctitle.setproctitle "Mary had a little lamb, whose fleece was white 
as snow.";;
- : unit = ()
# Unix.environment ();;
- : string array =
[|"little lamb, whose fleece was white as snow.";
   ", whose fleece was white as snow."; " was white as snow."; "w.";
   ...

That is why you not only need bounds checking but relocation of the 
environment to do this safely.

Thanks,
Dave