Add binfmt_misc workaround detector to builds
This is a recently introduced Linux Kernel feature that gives people
like Debian package mantainers the power to arbitrarily redefine how
executables are interpreted by the kernel. If your system gets tuned
this way and you're not able to disable it, then you need to restore
default behavior for the APE MZqFpD prefix as follows:
sudo sh -c "echo ':APE:M::MZqFpD::/bin/sh:' >/proc/sys/fs/binfmt_misc/register"
This prefix will cover all .com executables built with this tooling.
Please don't run the above command unless you're certain you need it.
See #2 for additional context.
This commit is contained in:
Justine Tunney
@ -110,21 +110,6 @@ static void showmzheader(void) {
|
||||
}
|
||||
|
||||
static void showdosstub(void) {
|
||||
unsigned char *p = (unsigned char *)mz + sizeof(struct NtImageDosHeader);
|
||||
unsigned char *pe = (mz->e_lfanew ? p + mz->e_lfanew : p + mzsize);
|
||||
pe = min(pe, p + mzsize - XED_MAX_INSTRUCTION_BYTES);
|
||||
while (p < pe) {
|
||||
struct XedDecodedInst *inst = ildreal(p);
|
||||
if (p + inst->length > pe) break;
|
||||
printf("\t.byte\t");
|
||||
for (unsigned i = 0; i < inst->length; ++i) {
|
||||
if (i) printf(",");
|
||||
printf("%#hhx", inst->bytes[i]);
|
||||
}
|
||||
printf("\n");
|
||||
p += inst->length;
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
static void showpeoptionalheader(struct NtImageOptionalHeader *opt) {
|
||||
|
||||
Reference in New Issue
Block a user