OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Catching format bugs
From: Len Lattanzi (Len.Lattanzimss.migration.com)
Date: Sat Sep 16 2000 - 11:18:16 CDT

On 2000-09-16 16:36:25 +0200, Olaf Kirch wrote:
> Hi all,
>
> I just wanted to bounce around an idea for catching formatting bugs
> with less drastic measures than lobotomizing libc (i.e. removing %n
> completely).
>
> There's a very simple way to tell a constant from a non-constant string,
> which is to compare it to _end:
>
> extern char _end;
>
> if (format + strlen(format) >= &_end
> && strstr(format, "%n") != NULL) {
> /* non-const format string with %n? looks fishy */
> syslog(LOG_ERR, "fishy non-const format: `%s'", format);
> abort();
> }
>
This might work for static executables but shared libraries
will have "multiple" _end values.
Also any dependency on compiler internals is risky itself. Will the
application fail when purified?
>
> Does this sound reasonable? Is there anyone who'd like to try adding
> this to libsafe?
>
> Olaf
>
> PS: The last program I had to with -fwritable-strings was Taylor UUCP 1.04,
> long fixed since...
> --
> Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
> okirmonad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
> okircaldera.de +-------------------- Why Not?! -----------------------
> UNIX, n.: Spanish manufacturer of fire extinguishers.