"Eric W. Biederman" wrote: > > But the gcc bounds checking work is the ultimate buffer overflow fix. > You can recompile all of your trusted applications, and libraries with > it and be safe from one source of bugs. > void main(int argc, char **argv[]) { char local[128]; if(argc > 2) strcpy(local,argv[1]); } Unless you modify the ABI and pass the array bounds around you won't catch such problems, and I won't even mention unions and struct dyn_data { int len; char data[]; } -- Manfred - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- Is this the ultimate stack-smash fix? Jeremy Jackson
- Re: Is this the ultimate stack-smash fix? Alan Cox
- Re: Is this the ultimate stack-smash fix? James Sutherland
- Re: Is this the ultimate stack-smash fix? Bruce Harada
- Re: Is this the ultimate stack-smash fix? William T Wilson
- Re: Is this the ultimate stack-smash fix? Eric W. Biederman
- Re: Is this the ultimate stack-smash fix? Jeremy Jackson
- Re: Is this the ultimate stack-smash fix? Gerhard Mack
- Re: Is this the ultimate stack-smash fix? Eric W. Biederman
- Re: Is this the ultimate stack-smash fi... Manfred Spraul
- Re: Is this the ultimate stack-sma... Eric W. Biederman
- Re: Is this the ultimate stack... Peter Samuelson
- Re: Is this the ultimate s... Eric W. Biederman
- Re: Is this the ultimate s... Andreas Bombe
- Re: Is this the ultimate s... Xavier Bestel
- Re: Is this the ultimate s... Jeremy Jackson
- Re: Is this the ultimate s... Xavier Bestel
- Re: Is this the ultimate s... Andreas Bombe
- Re: Is this the ultimate s... Xavier Bestel
- Re: Is this the ultimate stack-smash fi... Jeremy Jackson