From: "Roberto A. Foglietta" <roberto.foglietta@gmail.com>
To: Zhihang Wei <wzh@ilbers.de>
Cc: isar-users <isar-users@googlegroups.com>
Subject: Re: Isar v1.1 Release Candidate 2
Date: Tue, 5 May 2026 00:15:49 +0200 [thread overview]
Message-ID: <CAJGKYO4t332j3FL01uVVC-m8A73sNaJdF9bHNVz1ziwYxW+2yA@mail.gmail.com> (raw)
In-Reply-To: <c14233d8-6e6a-41c8-9e4c-b98f72219b3f@ilbers.de>
On Mon, 4 May 2026 at 12:02, Zhihang Wei <wzh@ilbers.de> wrote:
>
> Hi everyone,
>
> I have just tagged v1.1-rc2 as release candidate 2 for Isar v1.1.
>
> Please test on your downstream if necessary. Feedback is welcome.
>
Hi, I propose you consider a couple of patches of mine
for busybox to include in ISAR as external patches.
WHY APPLY THIS ONE IN PARTICULAR?
https://github.com/robang74/busybox/blob/master/TODO.md#awk
In this case, using awk w/ CONVFMT and a properly forged text string
containing %1337c%n due to arbitrary of 1337 (at my will) and %n
property I could **POTENTIALLY** escalate the privileges to root. In
fact busybox is a single binary usually with SUID attribute and the
fork() brings the whole process in memory usually in CoW mode,
including those applets that can run with root privileges by SUID
(cfr. man chmod +s).
URL: https://github.com/robang74/busybox/tree/master/patches
patches/
- 0002-awk-minimalist-approach-to-fix-some-unsupported-cases-v4.patch
awk: numeric identifiers full recognition, +65b (patchset v4)
Fixing: two major issues like walking %016llx and writing %n
Extend: support for "%fpx", keep "pi:%f" and earn "pi: %f deg"
Testing: editors/awk_printx_tests.sh added new (only visual)
./busybox awk 'BEGIN { CONVFMT="%nf"; x=3.14; print x "" }';
./busybox awk 'BEGIN { CONVFMT="%.2f OK f"; x=3.14; print x "" }';
./busybox awk 'BEGIN { CONVFMT="%.2fpi %016llx f"; x=3.14; print x "" }';
./busybox awk 'BEGIN { CONVFMT="walk: %.2fpi %016llx "; x=3.14; print x "" }'
./busybox awk 'BEGIN { CONVFMT="OK pi: %.2fx"; x=3.14; print x "" }'
./busybox awk 'BEGIN { CONVFMT="%.2fOKpi"; x=3.14; print x "" }'
text data bss dec hex filename
19338 0 0 19338 4b8a editors/awk.o
Fixing: +51
19389 0 0 19389 4bbd editors/awk.o
Extend: +16
19405 0 0 19405 4bcd editors/awk.o
Coding: -2
19403 0 0 19403 4bcb editors/awk.o
--
Roberto A. Foglietta
+49.176.274.75.661
+39.349.33.30.697
--
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/CAJGKYO4t332j3FL01uVVC-m8A73sNaJdF9bHNVz1ziwYxW%2B2yA%40mail.gmail.com.
next prev parent reply other threads:[~2026-05-04 22:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-04 10:01 Zhihang Wei
2026-05-04 20:06 ` 'Jan Kiszka' via isar-users
2026-05-04 22:09 ` Roberto A. Foglietta
2026-05-04 22:15 ` Roberto A. Foglietta [this message]
2026-05-07 20:23 ` Roberto A. Foglietta
2026-05-05 7:23 ` 'MOESSBAUER, Felix' via isar-users
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJGKYO4t332j3FL01uVVC-m8A73sNaJdF9bHNVz1ziwYxW+2yA@mail.gmail.com \
--to=roberto.foglietta@gmail.com \
--cc=isar-users@googlegroups.com \
--cc=wzh@ilbers.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox