Re: Buffer overflow prevention

From: Miod Vallat (miodat_private)
Date: Thu Aug 14 2003 - 13:24:40 PDT

Next message: sauron: "Re: Buffer overflow prevention"

Previous message: KF: "Re: [Full-Disclosure] Re: Buffer overflow prevention"
Next in thread: sauron: "Re: Buffer overflow prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>   ProPolice is not magical, though. There are plenty of cases where it is
> totally inefficient. To illustrate a very common one :
> 
[snip oflow of 5-byte buffer]

This particular case ``works'' because, by design, propolice will not
attempt to protect structures smaller than 16 bytes.

This can be changed by a simple gcc recompilation... and it's probably
worth doing.

Miod

Next message: sauron: "Re: Buffer overflow prevention"
Previous message: KF: "Re: [Full-Disclosure] Re: Buffer overflow prevention"
Next in thread: sauron: "Re: Buffer overflow prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 14 2003 - 17:29:32 PDT