This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] malloc/malloc.c: Mitigate null-byte overflow attacks

From: DJ Delorie <dj at redhat dot com>
To: Moritz Eckert <m dot eckert at cs dot ucsb dot edu>
Cc: libc-alpha at sourceware dot org, scarybeasts at gmail dot com, fweimer at redhat dot com
Date: Thu, 26 Oct 2017 23:49:20 -0400
Subject: Re: [PATCH] malloc/malloc.c: Mitigate null-byte overflow attacks
Authentication-results: sourceware.org; auth=none
Authentication-results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=dj at redhat dot com
Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com A53D785541

Moritz Eckert <m.eckert@cs.ucsb.edu> writes:
> So for my current patch idea, would you prefer it with or without a 
> macro and keeping the check inside unlink or not?

I think your original patch is OK as is, I'm just waiting to give
Florian a chance to offer a second opinion.  IIRC he's on vacation this
week.

Follow-Ups:
- Re: [PATCH] malloc/malloc.c: Mitigate null-byte overflow attacks
  - From: Chris Evans

References:
- Re: [PATCH] malloc/malloc.c: Mitigate null-byte overflow attacks
  - From: Moritz Eckert

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]