Subject: Re: CVS commit: src/usr.sbin/rtsold
To: Jun-ichiro itojun Hagino <itojun@itojun.org>
From: Jason Thorpe <thorpej@wasabisystems.com>
List: source-changes
Date: 01/03/2004 09:30:45


On Jan 2, 2004, at 11:52 PM, Jun-ichiro itojun Hagino wrote:

> 	atexit() in NetBSD can be very unsafe at this moment - see
> 	http://www.openbsd.org/papers/pacsec03/e/index.html (page 12)
> 	so i don't like it being used.

Well, like it or not, many things use atexit(), and just because you 
think it might be "unsafe" is not a good reason to remove its use from 
a program.  You haven't even eliminated all uses of atexit() from 
rtsold with this change.

Besides, it's not the atexit() function that's "dangerous" in this 
example, but rather the exit() function (or __cxa_finalize()).

That said, I think the example in that presentation is maybe just a 
little bit over-the-top.  Countless programs use function pointers in 
structures that are writable.  There are many other places that are 
writable in a program whence a PC value might be loaded.  I honestly 
think the change suggested in this example is unnecessary ("basically 
free"?  Except for the increased code footprint!)

         -- Jason R. Thorpe <thorpej@wasabisystems.com>

