Subject: Re: 10 more overflows (minor)
From: Robert Watson (rob@cyrus.watson.org)
Date: Dec 7, 1999 10:57:37 am
List: org.freebsd.freebsd-audit

Those ones in dump/etc are nasty. :-)

So, right now you grab environment information from the binaries, but you could also instrument libc (and others) to report on their use of getenv/etc to some logging mechanism, and then attempt to exploit the ones used. This would help you in situations (that might exist) where the program uses variable string pointers to call getenv.

Also, with the fts_ stuff a while back, that raises the issue of long filenames as a potential source of suffering. Not sure how easy that would be to test, but really suggests a libc test harness (or syscall test harness) that causes unpleasantness for processes running in it.

Robert N M Watson

rob@fledge.watson.org http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services

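An added example, not part of the original message and not FreeBSD code: one way to do the getenv logging suggested above is a preloaded shim that records each variable name at call time, so names built at run time are caught as well as string constants in the binary. The file name getenv_audit.c, the BUILD_PRELOAD macro, the helper names and the log format are all assumptions made for this sketch.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE             /* glibc needs this for RTLD_NEXT */
#endif
#include <dlfcn.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define MAX_NAMES    256
#define MAX_NAME_LEN 64         /* longer names are truncated, never overflowed */

static char seen[MAX_NAMES][MAX_NAME_LEN];
static int nseen;

/* Returns 1 on first sighting of a name, 0 if already seen,
 * -1 for NULL or a full table. Not thread-safe. */
int record_lookup(const char *name)
{
    char key[MAX_NAME_LEN];
    int i;
    if (name == NULL)
        return -1;
    snprintf(key, sizeof(key), "%s", name);   /* bounded copy */
    for (i = 0; i < nseen; i++)
        if (strcmp(seen[i], key) == 0)
            return 0;
    if (nseen == MAX_NAMES)
        return -1;
    memcpy(seen[nseen++], key, strlen(key) + 1);
    return 1;
}

int recorded_count(void) { return nseen; }
const char *recorded_name(int i) { return (i >= 0 && i < nseen) ? seen[i] : NULL; }

#ifdef BUILD_PRELOAD
/* Build: cc -shared -fPIC -DBUILD_PRELOAD -o getenv_audit.so getenv_audit.c
 * Run:   LD_PRELOAD=./getenv_audit.so program-under-audit   (hypothetical names) */
char *getenv(const char *name)
{
    static char *(*real_getenv)(const char *);
    if (real_getenv == NULL)    /* find libc's getenv behind this shim */
        real_getenv = (char *(*)(const char *))dlsym(RTLD_NEXT, "getenv");
    if (record_lookup(name) == 1)   /* log each distinct name once */
        dprintf(STDERR_FILENO, "getenv-audit[%d]: %.*s\n",
                (int)getpid(), MAX_NAME_LEN - 1, name);
    return real_getenv ? real_getenv(name) : NULL;
}
#endif
```

The runtime linker does not honour an arbitrary LD_PRELOAD path for set-user-ID or set-group-ID executables, so run the audit against a non-set-id copy of the program.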