This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/10149] stack guard should lead with zero byte to gain protections from str* reads

From: "kees at outflux dot net" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: 14 May 2009 21:48:41 -0000
Subject: [Bug libc/10149] stack guard should lead with zero byte to gain protections from str* reads
References: <20090512180534.10149.kees@outflux.net>
Reply-to: sourceware-bugzilla at sourceware dot org

------- Additional Comments From kees at outflux dot net  2009-05-14 21:48 -------
I should clarify -- the read-blocking is nice, but the more common reason the
leading zero is important is to avoid the guard being written as part of a
larger overflow being written out by a str* function, if its value were leaked
to an attacker in some other way.

-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=10149

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

References:
- [Bug libc/10149] New: stack guard should lead with zero byte to gain protections from str* reads
  - From: kees at outflux dot net

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]