Re: Non-executable stack patch

Wolfram Kleff (kleff@informatik.uni-bonn.de)
Sun, 8 Jun 1997 15:02:14 +0200 (MET DST)


I think we should fix some other overflow bugs, too. For example
there are no "vsnprintf" and "snprintf" routines in the "official"
kernel, instead there are "vsprintf" and "sprintf" - and both are used
plenty.... e.g. printk:

> i = vsprintf(buf + 3, fmt, args); /* hopefully i < sizeof(buf)-4 */
^^^^^^^^^^^^^^^^^^^^^^^^^^^
really funny comment ? :-(
I have patched it like:
> i = vsnprintf(buf + 3, sizeof(buf)-4, fmt, args);
I think hope is good, control is better. ;-)

Well, I don't know if there are any exploits out there, but
I prefer a complete "vsprintf" and "sprintf" replacement with "vsnprintf"
and "snprintf".
An exploit doesn't need an executable stack, a little overwrite
over important kernel structures like process table etc. will (might)
give you superuser rights.

Wolfram
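
Added example (not part of the original message and not kernel code): a user-space C sketch of the bounded call quoted above, using C99 vsnprintf semantics, where the return value is the length the output would have had and must be clamped before reuse. The names bounded_log_format and demo_format, the 16-byte buffer, the "<6>" prefix and the guard bytes are assumptions made for the illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical user-space stand-in for the formatting step of the quoted
 * printk line: text goes to buf[3..] behind a 3-byte "<N>" level prefix.
 * Returns the number of text bytes actually stored, or -1 on error. */
static int bounded_log_format(char *buf, size_t size, int *truncated,
                              const char *fmt, ...)
{
    va_list args;
    size_t room;
    int i;
    if (size < 5)
        return -1;              /* no room for prefix, one char and NUL */
    room = size - 4;            /* same bound as sizeof(buf)-4 in the mail */
    memcpy(buf, "<6>", 3);      /* constructed log-level prefix */
    va_start(args, fmt);
    i = vsnprintf(buf + 3, room, fmt, args);
    va_end(args);
    if (i < 0)
        return -1;
    /* C99 vsnprintf returns the length the output WOULD have had, which can
     * exceed room; clamp before i is used as an index or a copy length. */
    *truncated = (size_t)i >= room;
    return *truncated ? (int)(room - 1) : i;
}

/* Constructed demo state: a 16-byte buffer with guard bytes behind it. */
static struct { char buf[16]; unsigned char guard[8]; } demo;
static int demo_truncated;
/* Returns the stored length, or -2 if a guard byte was overwritten. */
static int demo_format(const char *msg)
{
    size_t k;
    int n;
    memset(demo.guard, 0xAA, sizeof(demo.guard));
    n = bounded_log_format(demo.buf, sizeof(demo.buf), &demo_truncated, "%s", msg);
    for (k = 0; k < sizeof(demo.guard); k++)
        if (demo.guard[k] != 0xAA)
            return -2;
    return n;
}
int main(void)
{
    int n = demo_format("a message far longer than sixteen bytes");
    printf("stored=%d truncated=%d text=\"%s\"\n", n, demo_truncated, demo.buf);
    return 0;
}
```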