[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug #28446] No checks are made for unteminated strings in RPC messa

From: olafBuddenhagen
Subject: Re: [bug #28446] No checks are made for unteminated strings in RPC messages
Date: Sun, 3 Jan 2010 11:42:52 +0100
User-agent: Mutt/1.5.19 (2009-01-05)


On Sat, Jan 02, 2010 at 12:11:38PM +0100, Carl Fredrik Hammar wrote:
> On Sat, Jan 02, 2010 at 08:12:17AM +0100, olafBuddenhagen@gmx.net
> wrote:
> > On Fri, Jan 01, 2010 at 10:36:35PM +0100, Carl Fredrik Hammar wrote:

> MIG does have a c_string type after all, which is used to define the
> string_t type used in the Hurd.

I see. I just remembered that I was quite stumped to see string_t
defined with a constant size; but I didn't remember that it actually is
c_string of a constant size, not just a char array...

But if Mach actually knows C strings, are you sure the kernel doesn't
actually perform the check for 0-termination itself in the IPC code?...

(Otherwise, the implementations of kernel functions like device_open()
would have to make sure strings are always terminated, too.)

> > > Fixing MIG seems much easier and safer.
> > 
> > Yes -- but also more invasive... You'll have to find someone
> > confident enough to ack/commit the change :-)

> I haven't looked yet, but I can't imagine it being less invasive than
> adding checks in *every* single program that receives strings in
> messages.

I said more invasive. I didn't say more work. That's quite a different
thing :-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]