This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH 1/4] __fdelt_chk: Removed range check

From: Florian Weimer <fweimer at redhat dot com>
To: KOSAKI Motohiro <kosaki dot motohiro at gmail dot com>
Cc: libc-alpha at sourceware dot org, libc-ports at sourceware dot org
Date: Fri, 12 Apr 2013 09:42:20 +0200
Subject: Re: [PATCH 1/4] __fdelt_chk: Removed range check
References: <1365744803-19197-1-git-send-email-kosaki dot motohiro at gmail dot com> <1365744803-19197-2-git-send-email-kosaki dot motohiro at gmail dot com>

On 04/12/2013 07:33 AM, KOSAKI Motohiro wrote:

+strong_alias (__fdelt_nochk, __fdelt_chk)
+strong_alias (__fdelt_nochk, __fdelt_warn)

This change (which disables checking for existing compiled binaries)seems the wrong thing to do to me.

I tend to agree that it might make sense to make fd_set fortificationoptional, but it should be enabled by default. Could you please changeyour patch so that it performs the checking by default, and preserveschecking for applications which were compiled against pre-2.18 versions?

By the way, if you see crashes with Qt, we have a patch which replacesselect with poll (qt-4.8-poll.patch in Fedora). We tried to upstreamit, but no luck so far.


--
Florian Weimer / Red Hat Product Security Team

Follow-Ups:
- Re: [PATCH 1/4] __fdelt_chk: Removed range check
  - From: KOSAKI Motohiro

References:
- [PATCH v3 0/4] fix wrong program abort on __FD_ELT
  - From: KOSAKI Motohiro
- [PATCH 1/4] __fdelt_chk: Removed range check
  - From: KOSAKI Motohiro

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]