Use execve() to replace system() #4223
Conversation
lum1n0us
commented
Apr 28, 2025
lum1n0us
commented
- Direct Execution: execve() directly executes a program, bypassing the shell. This avoids vulnerabilities like shell injection, which can occur with system() if user input is not properly sanitized.
- Controlled Environment: With execve(), you can explicitly specify the environment variables for the new process, providing better control over the execution context.
- No Shell Overhead: execve() does not invoke a shell, reducing the risk of unintended behavior caused by shell features or configurations.
- Predictable Behavior: execve() only executes the specified program, whereas system() relies on the shell, which may interpret commands differently based on the shell's configuration or environment.
lum1n0us
requested review from
loganek,
no1wudi,
TianlongLiang,
wenyongh,
xujuntwt95329 and
yamt
as code owners
lum1n0us
force-pushed
the
fix/reimplement_bh_system
branch
2 times, most recently
from
36ffe27 to
55ad4b6
Compare
|
|
||
| #if !(defined(_WIN32) || defined(_WIN32_)) | ||
| ret = system(cmd); | ||
| ret = execve(pathname, argv, envp); |
There was a problem hiding this comment.
does this work at all? i suppose you need fork+execve+wait.
There was a problem hiding this comment.
execve() executes the program referred to by pathname. This causes the program that is currently being run by the calling process to be replaced with a new program, with newly initialized stack, heap, and (initialized and uninitialized) data segments.
IMU, in our scenarios, there is no need to fork a new process and run commands. The default behavior is sufficient
There was a problem hiding this comment.
i don't think so. wamrc has other things to do after invoking these external commands.
have you tested?
core/shared/utils/bh_common.c
Outdated
| int | ||
| bh_system(const char *cmd) | ||
| bh_system(const char *pathname, char *const argv[], int argc) |
There was a problem hiding this comment.
i feel the name bh_system is confusing if it doesn't work like system().
There was a problem hiding this comment.
Got you points. I will rename it to bh_execve().
- Direct Execution: execve() directly executes a program, bypassing the shell. This avoids vulnerabilities like shell injection, which can occur with system() if user input is not properly sanitized. - Controlled Environment: With execve(), you can explicitly specify the environment variables for the new process, providing better control over the execution context. - No Shell Overhead: execve() does not invoke a shell, reducing the risk of unintended behavior caused by shell features or configurations. - Predictable Behavior: execve() only executes the specified program, whereas system() relies on the shell, which may interpret commands differently based on the shell's configuration or environment.
lum1n0us
force-pushed
the
fix/reimplement_bh_system
branch
from
55ad4b6 to
d3a2cdd
Compare
