This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests

From: Mike Frysinger <vapier at gentoo dot org>
To: libc-alpha at sourceware dot org
Cc: Siddhesh Poyarekar <siddhesh at redhat dot com>, "Frank Ch. Eigler" <fche at redhat dot com>, "Carlos O'Donell" <carlos at redhat dot com>
Date: Mon, 23 Dec 2013 04:48:36 -0500
Subject: Re: [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests
Authentication-results: sourceware.org; auth=none
References: <20131022071550 dot GG11038 at spoyarek dot pnq dot redhat dot com> <y0m8uxitk0o dot fsf at fche dot csb> <20131025044144 dot GB23099 at spoyarek dot pnq dot redhat dot com>

On Friday 25 October 2013 00:41:44 Siddhesh Poyarekar wrote:
> On Thu, Oct 24, 2013 at 05:51:35PM -0400, Frank Ch. Eigler wrote:
> > But the CVE's were issued precisely because sometimes attackers have
> > control of a DNS zone.  But the DoS worry (that the act of attempting
> > to allocate excessive memory harms the system) seems quite remote in
> > this case.
> 
> Right, thanks for pointing that out.

for other APIs (like regex), iiuc, our position has been that any sane service 
which may be accessed remotely is supposed to be using sane ulimit/etc... to 
limit resource over taxing.  otherwise, you run into things like:
	- ftp server allows regex w/ls commands
	- ftp server uses C library's regex API
	- resource exhaustion due to use of pathological regex (back references 
and lots of sub groups and such)

should we codify that position somewhere ?
-mike

Attachment: signature.asc
Description: This is a digitally signed message part.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]