> int save_uid;
> char buf[10];
>
> save_uid = getuid();
> setuid(0);
> fp = fopen("input", "r");
> fscanf(fp, "%s", buf);
> setuid(save_uid);

For this particular example, at some levels of optimization (gcc -O2, I believe, or via other future compiler hacks) your generated code could place the objects on the stack in this order: return address, buf[], save_uid. Coupled with the other approaches, that would solve this particular case. (But I don't believe in solving these special cases one by one.)

> My personal feelings on the recent proposals for fixing
> "the overflow problem" are that I don't like them. They all
> seem hacky to me, and all claim to be a silver bullet to finally
> put an end to the problem. I'd much rather see the original problems
> fixed, a solution that is much more aesthetically pleasing to
> me. On the other hand, the proposals do reduce the number of
> attacks, and buy time until attackers get more sophisticated
> in their exploits.

I don't even hope to see a magic solution coming down the line. I'll just continue fixing the basic bugs. (But they are getting harder to find; perhaps I should start using Purify or Insight...)
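As an added example (not code from the thread or from either poster), here is the quoted sequence with the basic bug fixed in the way the reply argues for: the read is bounded to the buffer, and the privileged window is shrunk to the fopen() so that no untrusted bytes are parsed while the effective uid is 0. The helper names read_token(), read_token_from_string(), read_privileged_input() and demo_overflow_contained() are chosen here, the program is assumed to be setuid-root, and the over-long input is constructed for the demonstration. Nothing here depends on how the compiler orders buf[] and save_uid on the stack.

```c
/* Added example: bounded fscanf() plus a minimal privileged window.
 * Helper names are hypothetical; the sample input is constructed. */
#define _POSIX_C_SOURCE 200809L   /* fmemopen(), seteuid() */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

/* Read one whitespace-delimited token into buf, writing at most size bytes
 * including the terminating NUL. The width is derived from size at run time
 * ("%9s" for a 10-byte buffer) so the bound cannot drift from the buffer.
 * Returns 0 on success, -1 on EOF/error or a too-small buffer. */
int read_token(FILE *fp, char *buf, size_t size)
{
    char fmt[32];

    if (fp == NULL || buf == NULL || size < 2)
        return -1;
    /* %Ns stores at most N characters; fscanf() then appends the NUL. */
    snprintf(fmt, sizeof fmt, "%%%zus", size - 1);
    if (fscanf(fp, fmt, buf) != 1) {
        buf[0] = '\0';
        return -1;
    }
    return 0;
}

/* Convenience wrapper: parse a token out of an in-memory string. */
int read_token_from_string(const char *s, char *buf, size_t size)
{
    FILE *fp = fmemopen((void *)s, strlen(s), "r");
    int rc;

    if (fp == NULL)
        return -1;
    rc = read_token(fp, buf, size);
    fclose(fp);
    return rc;
}

/* The quoted sequence, restructured: raise privilege only around fopen()
 * and drop it again before parsing, so a bug in the parser neither runs
 * as root nor can turn a clobbered save_uid into a lingering uid 0. */
int read_privileged_input(const char *path, char *buf, size_t size)
{
    uid_t save_uid = getuid();
    FILE *fp;
    int rc;

    if (seteuid(0) != 0)
        return -1;                    /* not running setuid-root */
    fp = fopen(path, "r");
    if (seteuid(save_uid) != 0) {     /* failed to drop: refuse to go on */
        if (fp != NULL)
            fclose(fp);
        return -1;
    }
    if (fp == NULL)
        return -1;
    rc = read_token(fp, buf, size);
    fclose(fp);
    return rc;
}

/* Feed a constructed 24-character token at a 10-byte buffer that is followed
 * in memory by a sentinel. Returns 1 if exactly 9 characters were stored and
 * the sentinel survived, i.e. the overflow of the original "%s" is gone. */
int demo_overflow_contained(void)
{
    static const char input[] = "AAAAAAAAAAAAAAAAAAAAAAAA rest";  /* constructed */
    struct { char buf[10]; char sentinel[8]; } f;
    int rc;

    memset(f.sentinel, 'S', sizeof f.sentinel);
    rc = read_token_from_string(input, f.buf, sizeof f.buf);
    return rc == 0 && strlen(f.buf) == 9 &&
           f.sentinel[0] == 'S' && f.sentinel[7] == 'S';
}

int main(void)
{
    char buf[10];

    printf("overflow contained: %s\n", demo_overflow_contained() ? "yes" : "no");
    if (read_privileged_input("input", buf, sizeof buf) == 0)
        printf("token: %s\n", buf);
    else
        printf("could not read \"input\" with privilege\n");
    return 0;
}
```

The same pattern applies to any scanf-family call into a fixed buffer: the width must always be one less than the buffer size, and deriving it from sizeof keeps a later change to the declaration from silently reintroducing the overflow.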
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:37:06 PDT