Subject: Re: exploit with memcpy()
To: TAMURA Kent <>
From: None <>
List: tech-security
Date: 07/02/2002 22:55:55
>> If I count correctly, you just made memcpy() slow down by about 10%.
>I don't think so.
> - The check is at the outside of the loop.
> - It is done only if the destination address < the source address (+length)
> - Many applications uses gcc's builtin memcpy().

	unluckily the 3rd bullet means that the patch won't take effect
	to most of the binaries, am i right?  do we want to modify gcc to
	generate the change you've proposed?