Sysinternals Homepage
Forum Home Forum Home > Sysinternals Utilities > PsTools
  New Posts New Posts RSS Feed - Maximum string length PsExec
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Maximum string length PsExec

 Post Reply Post Reply
Author
Message
hanso View Drop Down
Newbie
Newbie


Joined: 20 April 2007
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote hanso Quote  Post ReplyReply Direct Link To This Post Topic: Maximum string length PsExec
    Posted: 20 April 2007 at 2:55am
The maximum length of server + command + arguments in PsExec is (256 characters...) 
 
Does anyone know how to execute longer files?


Edited by hanso - 20 April 2007 at 7:31am
Back to Top
Karlchen View Drop Down
Senior Member
Senior Member
Avatar

Joined: 18 June 2005
Location: Germany
Status: Offline
Points: 5131
Post Options Post Options   Thanks (0) Thanks(0)   Quote Karlchen Quote  Post ReplyReply Direct Link To This Post Posted: 20 April 2007 at 1:33pm
Hi, Hanso.

I am not sure about the 256 characters limit - I would have to do some tests. But I am sure I do not understand the "del" in your second message. What's it supposed to mean?

Karl


Edited by Karlchen - 20 April 2007 at 1:34pm
Back to Top
hanso View Drop Down
Newbie
Newbie


Joined: 20 April 2007
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote hanso Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2007 at 1:48am

I had a bug, but didn't know the char limit was the problem. Because of that, I posted a reply with some extra information. But I renamed the topic-title and message after I noticed it, and removed my reply.

Back to Top
Karlchen View Drop Down
Senior Member
Senior Member
Avatar

Joined: 18 June 2005
Location: Germany
Status: Offline
Points: 5131
Post Options Post Options   Thanks (0) Thanks(0)   Quote Karlchen Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2007 at 3:05am
Hello, hanso.

Just a hint:
As long as no-one replied to a message you wrote, you as the author can always press the "delete" button below the message. (Did this for you.)  Smile

Karl



Edited by Karlchen - 23 April 2007 at 3:07am
Back to Top
hanso View Drop Down
Newbie
Newbie


Joined: 20 April 2007
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote hanso Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2007 at 3:08am
Okay, sorry! I was looking for that button, but it was a bit hard to find.
 
However, does anyone have a solution for my problem? Is it a common bug, or only on my PC?
 
:-)
Back to Top
Karlchen View Drop Down
Senior Member
Senior Member
Avatar

Joined: 18 June 2005
Location: Germany
Status: Offline
Points: 5131
Post Options Post Options   Thanks (0) Thanks(0)   Quote Karlchen Quote  Post ReplyReply Direct Link To This Post Posted: 23 April 2007 at 3:40am
Hello, hanso.

No warranty given my diagnosis is correct:
  • Using psexec v1.72 remote commandlines of about 500 characters seem to be no problem. (Have not tested longer commands, yet.)
  • Using psexec v1.82 remote commandlines of more than 256 characters caused the psexe.exe on the local machine to crash.
    Note:
    Just corrected this statement, because I had incorrectly assumed the remote psexec service crashed. - No. It does not. It is the local psexec.exe that does.

The commandline used looked like this:
psexec.exe \\target -c echo_args.cmd 1abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 2abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 3abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 4abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 5abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 6abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 7abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 8abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 9abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ

echo_args.cmd holds these commands (nothing fancy really):
@echo off 
echo Args are: %1 %2 %3 %4 %5 %6 %7 %8 %9
echo Arg1=%1
echo Arg2=%2
echo Arg3=%3
echo Arg4=%4
echo Arg5=%5
echo Arg6=%6
echo Arg7=%7
echo Arg8=%8
echo Arg9=%9
pause

Environment:
+ Local: WinXP Pro Sp2
+ Target: Win2K SP4 Rollup4 / Win2003 Sp1
+ Psexec: v1.72 (2006) / v1.82 (current)

Karl
--
P.S.:
Have got the dumpfile created by Dr Watson and the logfiles. Zipped size: 90k. Could send it to you, Mark, but won't upload it here, because it may hold information about our local environment.
--
P.S.2:
Tested psexec v1.72 with remote commands as long as 970 characters: no problem.
Tested psexec v1.73 to v1.82: they crash.
--
P.S.3:
The longest remote command line which would not make psexec v1.82 crash was this one (245 chars, expanded on the target to 255 chars):

psexec.exe \\server -c echo_args.cmd 1abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 2abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 3abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 4abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 5abcdefghijklmn



Edited by Karlchen - 23 April 2007 at 9:56am
Back to Top
Karlchen View Drop Down
Senior Member
Senior Member
Avatar

Joined: 18 June 2005
Location: Germany
Status: Offline
Points: 5131
Post Options Post Options   Thanks (0) Thanks(0)   Quote Karlchen Quote  Post ReplyReply Direct Link To This Post Posted: 15 May 2007 at 3:56am
Hello, hanso.

Good news.
The buffer overflow bug seems to be fixed in PsExec V1.83 as announced by Otto here:

How to reproduce:

(1) Launch the commandline given in my previous message

C>psexec.exe \\target -c echo_args.cmd 1abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 2abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 3abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 4abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 5abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 6abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 7abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 8abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 9abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
(2) Yields this output:
Quote PsExec v1.83 - Execute processes remotely
Copyright (C) 2001-2007 Mark Russinovich
Sysinternals - www.sysinternals.com

Args are: 1abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 2abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 3abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ 4abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 5abcdefghijklnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 6abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLNOPQRSTUVWXYZ 7abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 8abcdefghijlmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 9abcdefghijklmnopqrstuvwxyzABCDEFGHIJLMNOPQRSTUVWXYZ
Arg1=1abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg2=2abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg3=3abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg4=4abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg5=5abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg6=6abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg7=7abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg8=8abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Arg9=9abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
Press any key to continue . . .
echo_args.cmd exited on target with error code 0.
C>
And pexec.exe v1.83 simply returns to the local prompt.

Karl
--
P.S.:
psexec v1.83 could also handle the remote commandline if it was twice as long (more than 1070 characters)

psexec.exe \\target -c echo_args.cmd 1abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 2abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ2abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 3abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ3abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 4abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ4abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 5abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ5abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 6abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ6abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 7abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ7abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 8abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ8abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 9abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ9abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ AabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZAabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ




Edited by Karlchen - 15 May 2007 at 4:14am
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down