This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH v2 0/3] posix: Execute file function fixes

From: Paul Eggert <eggert at cs dot ucla dot edu>
To: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>, libc-alpha at sourceware dot org
Date: Fri, 19 Feb 2016 10:33:07 -0800
Subject: Re: [PATCH v2 0/3] posix: Execute file function fixes
Authentication-results: sourceware.org; auth=none
References: <1455905134-21014-1-git-send-email-adhemerval dot zanella at linaro dot org>

On 02/19/2016 10:05 AM, Adhemerval Zanella wrote:

* Regarding stack allocation safeness for exec function family I saw no
   safe solution.

This is a significant regression from the current behavior. We need abetter solution. Otherwise, I fear that it will be too easy forattackers to exploit stack-overflow vulnerabilities by attempting toexecute commands with many arguments.

   libc has no obligation in make sure the stack allocation is suffice to
   fix runtime constraints.

Is this really true? Then why does libc have __libc_use_alloca? Why notdispense with __libc_use_alloca and have libc impose no limits on stackallocation?

Follow-Ups:
- Re: [PATCH v2 0/3] posix: Execute file function fixes
  - From: Adhemerval Zanella
- Re: [PATCH v2 0/3] posix: Execute file function fixes
  - From: Joseph Myers

References:
- [PATCH v2 0/3] posix: Execute file function fixes
  - From: Adhemerval Zanella

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]