This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH v2 0/3] posix: Execute file function fixes
- From: Paul Eggert <eggert at cs dot ucla dot edu>
- To: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>, libc-alpha at sourceware dot org
- Date: Fri, 19 Feb 2016 10:33:07 -0800
- Subject: Re: [PATCH v2 0/3] posix: Execute file function fixes
- Authentication-results: sourceware.org; auth=none
- References: <1455905134-21014-1-git-send-email-adhemerval dot zanella at linaro dot org>
On 02/19/2016 10:05 AM, Adhemerval Zanella wrote:
> * Regarding stack allocation safeness for exec function family I saw no
> safe solution.
This is a significant regression from the current behavior. We need a
better solution. Otherwise, I fear that it will be too easy for
attackers to exploit stack-overflow vulnerabilities by attempting to
execute commands with many arguments.
> libc has no obligation to make sure the stack allocation is sufficient to
> fix runtime constraints.
Is this really true? Then why does libc have __libc_use_alloca? Why not
dispense with __libc_use_alloca and have libc impose no limits on stack
allocation?
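The following is an added example, not code from this thread or from glibc: it sketches the general pattern of checking a size before allocating on the stack, which is the kind of check the message refers to by naming __libc_use_alloca. The names `run_with_argv`, `count_args` and `STACK_CUTOFF`, and the 4096-byte cutoff, are assumptions made for illustration.

```c
#include <alloca.h>
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical cutoff for this example; not glibc's real threshold. */
#define STACK_CUTOFF 4096

/* Constructed stand-in for the exec step: counts entries up to the NULL. */
int count_args(char *const argv[])
{
    int n = 0;
    while (argv[n] != NULL)
        n++;
    return n;
}

/* Copy `argc` caller-supplied arguments behind a leading `prog` entry and
   pass the NULL-terminated vector to `sink`. The vector lives on the stack
   only when it fits under STACK_CUTOFF; larger requests go to the heap, so
   the argument count never decides how far the stack pointer moves.
   Returns sink's result, or -1 with errno set. *on_heap reports the path. */
int run_with_argv(char *prog, char *const args[], size_t argc,
                  int (*sink)(char *const argv[]), int *on_heap)
{
    if (argc > SIZE_MAX / sizeof(char *) - 2) {   /* byte count would wrap */
        errno = E2BIG;
        return -1;
    }
    size_t bytes = (argc + 2) * sizeof(char *);
    char **argv;

    *on_heap = bytes > STACK_CUTOFF;
    if (*on_heap) {
        argv = malloc(bytes);
        if (argv == NULL)
            return -1;                            /* errno set by malloc */
    } else {
        argv = alloca(bytes);                     /* bounded by STACK_CUTOFF */
    }
    argv[0] = prog;
    for (size_t i = 0; i < argc; i++)
        argv[i + 1] = args[i];
    argv[argc + 1] = NULL;

    int rc = sink(argv);
    if (*on_heap)
        free(argv);
    return rc;
}
```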