This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
FD_SET and FORTIFY_SOURCE
- From: Florian Weimer <fweimer at redhat dot com>
- To: libc-alpha at sourceware dot org
- Date: Thu, 28 Feb 2013 08:52:38 +0100
- Subject: FD_SET and FORTIFY_SOURCE
I thought we did bounds checking for FD_SET in FORTIFY_SOURCE mode. But
it seems we don't. Would this be reasonable to add?
(The advantages are rather minor because it's not immediately obvious
how these out-of-bound writes could be exploited for code execution,
considering that the index is not under full control by the attacker.
So all that FORTIFY_SOURCE does is that it turns a potential crash into
a definite crash.)
--
Florian Weimer / Red Hat Product Security Team