Subject: Re: CVS commit: src/sys
To: David Young <email@example.com>
From: Thor Lancelot Simon <firstname.lastname@example.org>
Date: 05/29/2007 19:14:21
On Tue, May 29, 2007 at 05:20:33PM -0500, David Young wrote:
> This seems like an awful lot of #ifdef'age to achieve very limited
> protection against stack smashing. Suppose the kernel copies to ifreq
> a sockaddr whose sa_len > sizeof(struct sockaddr_storage) ?
The kernel won't: sockaddr_storage is, by definition, large enough to
contain any protocol-specific sockaddr. That's what it's for.
The issue with kernel->user copies was truncation of addresses. The
stack-smashing issue involved legitimate programming practices like
trying to zero the entire sockaddr_dl "contained" in an ifreq...
Thor Lancelot Simon email@example.com
"All of my opinions are consistent, but I cannot present them all
at once." -Jean-Jacques Rousseau, On The Social Contract