[Manfred Spraul]
> > Unless you modify the ABI and pass the array bounds around you won't
> > catch such problems,
[Eric W. Biederman]
> Of course. But this is linux and you have the source. And I did
> mention you needed to recompile the libraries your trusted
> applications depended on.
So by what ABI do you propose to pass array bounds to a called
function? It sounds pretty ugly. It also sounds like you will be
breaking the extremely useful C postulate that, at the ABI level at
least, arrays and pointers are equivalent. I can't see *how* you plan
to work around that one.
> Yep bounds checking is not an easy fix.
Understatement of the year, if you really want to catch all cases.
Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Feb 23 2001 - 21:00:15 EST