Subject: Re: exploit with memcpy()
To: Ed Ravin <firstname.lastname@example.org>
From: Jason R Thorpe <email@example.com>
Date: 07/02/2002 10:56:03
On Tue, Jul 02, 2002 at 01:10:23PM -0400, Ed Ravin wrote:
> This sounds a bit extreme. Don't we want library code to be
> reliable and not to overwrite surprise areas of memory when
> presented with bogus arguments? As others have pointed out,
> parameter checking happens once per call. I doubt the overhead
> would be so "considerable", and the improvements in reliability
> and security would be well worth it.
In an idea world, you would want a core dump for this kind of thing,
not for the code to silently fix things up. That is only going to
mean that the real bugs are harder to find.
> If the fixes are common to multiple callers, then shouldn't the
> fixes be in the libraries? Isn't that what libraries are for
> in the first place?
I think I'm going to start passing NULL as the FILE * argument to
fprintf() when I mean stderr; it's fewer letters to type. I'll
make sure to update libc accordingly.
-- Jason R. Thorpe <firstname.lastname@example.org>