bug-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug#102437: dealloc analysis for each server function, more bugs!

From: Thomas Bushnell, BSG
Subject: Bug#102437: dealloc analysis for each server function, more bugs!
Date: 29 Jun 2001 11:10:46 -0700
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 
Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de> writes:

> It just occured to me that it is probably safe to use malloc()'ed buffers,
> as long as you don't use dealloc with them?  It's a bit awkward, because
> this is mixing Mach level with glibc level stuff.  I don't know if it is
> safe to return a buffer that is not starting at a mmap'ed region, for
> example.

In general it's bad mojo.  If the buffer is not page aligned, then
Mach will DTRT, but data in the boundary pages outside the region
might be sent in the RPC too, and the result would be a security
failure.

Also, we don't want to depend on that behavior of Mach; other kernels
with other RPC systems might only allow sending page-aligned regions.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]