From: Damien Miller (djm mindrot.org)
Date: Thu May 02 2013 - 08:20:45 CDT
On Thu, 2 May 2013, Franco Fichtner wrote:
> OK, the implementation only pulls a couple of bytes from the packet's
> payload. It will never pull bytes that are not verified. It will never
> allocate anything. It will never test against something that's neither
> hard-coded nor available in the range of the approved payload. It will
> never return more than "unsigned int" with a number describing the
> actual application. It will never manipulate any input value, least of
> all the packet itself. It will never run into endless loops. And I'll
> gladly zap everything that could still be considered a potential risk.
You've just described bpf, right down to "no endless loops" and the amount
of data it returns.
For a little more code than it takes to write one packet parser
(basically: loading bpf rules from pf and making the bpf_filter()'s
return value available to it) you get everything you described above and
more.
-d
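
The properties listed in the message above (reads confined to the verified payload, no loops, a read-only packet, a single unsigned return value), shown in a toy filter interpreter. This is an added example, not code from the message, from bpf_filter() or from pf; the opcodes, struct layout, the `ssh_prog` rule and the return value 22 are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical mini instruction set, loosely modelled on classic BPF. */
enum { OP_LDB, OP_JEQ, OP_RET };
struct insn { uint8_t op, jt, jf; uint32_t k; }; /* jt/jf unsigned: forward only */

/* Load-time check: known opcodes, in-range jumps, final instruction returns. */
static int validate(const struct insn *p, size_t n)
{
    if (n == 0 || p[n - 1].op != OP_RET) return 0;
    for (size_t i = 0; i < n; i++) {
        if (p[i].op > OP_RET) return 0;
        if (p[i].op == OP_JEQ && (i + 1 + p[i].jt >= n || i + 1 + p[i].jf >= n)) return 0;
    }
    return 1;
}

/* Run a validated program over a read-only packet. pc only increases, so
 * at most n instructions execute; an out-of-range load yields 0 (no match). */
static unsigned int run(const struct insn *p, size_t n, const uint8_t *pkt, size_t len)
{
    uint32_t a = 0;
    for (size_t pc = 0; pc < n; pc++) {
        switch (p[pc].op) {
        case OP_LDB:
            if (p[pc].k >= len) return 0; /* never read past the verified payload */
            a = pkt[p[pc].k];
            break;
        case OP_JEQ:
            pc += (a == p[pc].k) ? p[pc].jt : p[pc].jf;
            break;
        case OP_RET:
            return p[pc].k;
        }
    }
    return 0;
}

/* Constructed sample rule: return 22 if the payload starts with "SS", else 0. */
static const struct insn ssh_prog[] = {
    { OP_LDB, 0, 0, 0 }, { OP_JEQ, 0, 3, 'S' }, { OP_LDB, 0, 0, 1 },
    { OP_JEQ, 0, 1, 'S' }, { OP_RET, 0, 0, 22 }, { OP_RET, 0, 0, 0 },
};

int main(void)
{
    const uint8_t pkt[] = "SSH-2.0-example"; /* constructed payload */
    return !(validate(ssh_prog, 6) && run(ssh_prog, 6, pkt, sizeof pkt - 1) == 22);
}
```

Termination follows from the jump offsets being unsigned and range-checked at load time, so the per-packet path needs no loop counter or allocation.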