2 * Copyright 2008 The Native Client Authors. All rights reserved.
3 * Use of this source code is governed by a BSD-style license that can be
4 * found in the LICENSE file.
11 int TrustMe(int returnaddr1,
12 const char *path, char *const argv[], char *const envp[]) {
13 int immx = 0x0000340f;
14 int codeaddr = (int)TrustMe + 14;
16 // This code creates the machine state for the execve call, with
17 // little regard for preserving the sanity of the rest of the stack.
18 asm("mov $59, %eax"); // set syscall # for execve
19 asm("add $32, %esp"); // pop local storage
20 asm("mov %esp, %ecx"); // MacOS kernel wants esp in ecx
21 asm("jmp *-20(%ecx)"); // jump to overlapped instruction
22 // via address in local var codeaddr
25 char *const eargv[] = {"/bin/echo", "/bin/rm", "-rf", "/home/*", NULL};
26 int main(int argc, char *argv[]) {
27 TrustMe(-1, eargv[0], eargv, NULL);