Bugtraq mailing list archives
Re: modifing libc to discover gets()/sprintf() calls
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Thu, 30 Jan 1997 21:28:55 +0000
The only big problem I is that any difference between the libc.a and the running libc.so shared library would become painfully obvious after creating and installing the new shared library with the printf modifications.
Well one other approach would be to use some kind of ELF extension to mark a symbol of type 'text, insecure'. Then the linker would link the binary and report fooprog: symbol _gets is insecure fooprog: symbol _sprintf is insecure Alan
Current thread:
- modifing libc to discover gets()/sprintf() calls Chris Sheldon (Jan 29)
- Re: modifing libc to discover gets()/sprintf() calls Julian Assange (Jan 30)
- Re: modifing libc to discover gets()/sprintf() calls Alan Cox (Jan 30)