It is to my understanding that in /bin we have some binary executables that are just compiled C programs. Out of curiosity, I decided to play with them and I opened ls with sudo privileges using nano, and added the character 0 at the beginning. I saved the file and, to my amusement, I checked that indeed, executing the ls command in a terminal does not work.
What I did not expect is that after deleting this character I had added, the ls command still does not work and segfaults.
If the files contained in /bin are nothing but machine code with ones and zeros, why does deleting a character that we have previously added not yield a program that works?
Editing a binary file with an editor meant for text may or may not work - in practice it usually won't. The editor might make various changes like fixing line endings (e.g., if a sequence of bytes in the file contained
\r\n, the editor might "fix" that to\n, or fix occurrences of just\nto\r\n), adding a trailing newline if file didn't end with one, etc. There's a high likelihood that thelsbinary did get corrupted by some of such changes. You can compare the output ofod -corhexdumpon the original and modified files to see what changed, exactly. And consider using a hex editor in future (Please recommend a hex editor for shell) for editing non-text files.Repeating your experiment and then comparing with the original using
binwalkshows that the reason is indeed the conversion of0x0D(CR) to0x0A(LF) character:Likely one of these bytes was part of a memory address or an instruction involved in creating an address. Invalid memory address then results in the segmentation fault.
When you open the file, nano informs of this as
(Converted from Mac format).You can disable this conversion and the addition of a trailing newline by giving the command line options
nano -LN. With these options the result is identical to the original, but editing binary files in this way is still prone to corruption.