This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Linux: Add fortify wrapper for getdents64

On Fri, Jun 21, 2019 at 8:22 AM Florian Weimer <fweimer@redhat.com> wrote:
> * Wilco Dijkstra:
> > Hi Florian,
> >
> >> > Do we really need to add to this broken feature? The fortify feature should have
> >> > been retired decades ago, it's not useful or secure at all.
> >> >
> >> > If we actually want to detect buffer overflows the correct approach is to add
> >> > runtime checks in GCC as that's the place where you have the right info about
> >> > variables and array sizes. The current implementation is completely broken
...
> >> I don't understand this.  Why do you think it does not work?
...
> > It's based on preprocessing magic, which isn't handled correctly. GCC
> > doesn't end up doing the right thing in most cases
...
> There may be limitations, but it's not based on preprocessing magic.
> Simple pointer arithmetic on the buffer is handled correctly.  I think
> you are confusing this with something else.

This is threatening to become another case of mutual finger-pointing
and disbelief like the strstr argument.  Wilco, since you are the one
who's actually seen a problem, could you please work up a set of
concrete examples of code that is handled poorly with the current
fortify implementation?

zw
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]