Vulnerability Development mailing list archives

Re: stackguard-like embedded protection


From: H D Moore <hdm () SECUREAUSTIN COM>
Date: Tue, 5 Sep 2000 22:34:37 -0500

Hi,

I know I am going to sound like a moron, but why do these bugs exist in
the first place?  Why can't the *printf functions take an argc parameter
and refuse to expand format strings after that number has been reached?
I know this would break most apps instantly, but it's such a small change
it wouldn't be hard to fix.  Is POSIX compliance responsible for this or
am I missing some crucial detail?

-HD


Crispin Cowan wrote:

> "Bluefish (P.Magnusson)" wrote:
>> From what I remember from bugtraq, it seems to be quite tricky to provide
>> a good patch to this problem. So I wonder, has any of these tools
>> (ProPolice, libsafe, StackGuard or StackShield) added anything to
>> combat formatting bugs, or if it's an active research area.
>
> We are working on a robust solution to the format bug problem, but it is
> months away from release.
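
The argument-count idea raised in this message, sketched as an added example (not code from the thread or from any libc): a wrapper counts the arguments a format would consume and refuses the call when that exceeds the count the caller passed. The names `fmt_arg_count` and `snprintf_n` are hypothetical, and positional arguments and libc extensions are rejected rather than parsed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Count the arguments a printf-style format would consume; -1 if the
 * format uses something this sketch does not parse (e.g. "%1$d"). */
int fmt_arg_count(const char *fmt)
{
    int n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (*++p == '%') continue;              /* "%%" consumes nothing */
        while (*p && strchr("-+ #0", *p)) p++;  /* flags */
        if (*p == '*') { n++; p++; }            /* width passed as an argument */
        else while (*p >= '0' && *p <= '9') p++;
        if (*p == '.') {
            if (*++p == '*') { n++; p++; }      /* precision as an argument */
            else while (*p >= '0' && *p <= '9') p++;
        }
        while (*p && strchr("hljztL", *p)) p++; /* length modifiers */
        if (*p == '\0' || !strchr("diouxXeEfFgGaAcspn", *p))
            return -1;                          /* truncated, positional, unknown */
        n++;
    }
    return n;
}

/* Hypothetical snprintf variant with an explicit argument count. */
int snprintf_n(char *buf, size_t size, int argc, const char *fmt, ...)
{
    int need = fmt_arg_count(fmt);
    if (need < 0 || need > argc)
        return -1;                              /* refuse: nothing is expanded */
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    return r;
}

int main(void)
{
    char out[64];
    const char *input = "%x.%x.%x.%x";          /* constructed untrusted input */
    /* input misused as the format with no arguments: refused */
    printf("%d\n", snprintf_n(out, sizeof out, 0, input));
    /* input passed as data: one argument needed, one supplied */
    printf("%d\n", snprintf_n(out, sizeof out, 1, "%s", input));
    return 0;
}
```

The check covers the number of arguments only; it does not verify their types, and it depends on the caller passing an accurate count.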


