[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Vulnerabilities in Synchronous IPC Designs
From: |
Andreas Haeberlen |
Subject: |
Re: Vulnerabilities in Synchronous IPC Designs |
Date: |
Mon, 02 Jun 2003 21:01:23 -0700 |
Hello Espen,
>> Note that it appears that IDL4 seems to happily use string buffers
>> for any variable length argument, irregardless of any length
>> restriction (which might even be so small as to guarantee that it
>> always fits into the msg registers) or actual length at runtime.
> It is trivial to add a check in the IDL compiler (and generated code)
> for the length of a variable length buffer. If the variable length
> buffer fits within 256 bytes (or 512 bytes on 64-bit architectures),
> the content can be transferred using message registers. If this is
> your only concern, then you shouldn't worry. (I was actually sort of
> suprised to learn that IDL4 didn't support this in the current
> implementation.)
Actually, this _is_ supported in the current implementation.
Try compiling something like:
interface foo {
void bar(in string<40> x, in string<20> y);
};
and you will find that the message is transferred completely in
registers. What Marcus has observed is probably an issue with
the current release, which sometimes causes the server loop to
allocate more buffer space than it actually needs.
- Andreas
- Vulnerabilities in Synchronous IPC Designs, Jean-Charles Salzeber, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Espen Skoglund, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Jean-Charles Salzeber, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Niels Möller, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Espen Skoglund, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Espen Skoglund, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Espen Skoglund, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs,
Andreas Haeberlen <=
- Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/03
- Re: Vulnerabilities in Synchronous IPC Designs, Niels Möller, 2003/06/03
- Re: Vulnerabilities in Synchronous IPC Designs, Espen Skoglund, 2003/06/03
- Re: Vulnerabilities in Synchronous IPC Designs, Niels Möller, 2003/06/03
- Re: Vulnerabilities in Synchronous IPC Designs, Kip Macy, 2003/06/06
- Re: Vulnerabilities in Synchronous IPC Designs, Niels Möller, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Jean-Charles Salzeber, 2003/06/02
Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/02