From owner-freebsd-arch Mon Dec 11 18:54:57 2000 From owner-freebsd-arch@FreeBSD.ORG Mon Dec 11 18:54:55 2000 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id 9D0D137B400 for ; Mon, 11 Dec 2000 18:54:55 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id SAA01782; Mon, 11 Dec 2000 18:56:10 -0800 Date: Mon, 11 Dec 2000 18:56:10 -0800 From: kris@citusc.usc.edu To: Dag-Erling Smorgrav Cc: arch@FreeBSD.ORG Subject: Re: Safe string formatting in the kernel Message-ID: <20001211185610.A1741@citusc.usc.edu> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="AqsLC8rIMeq19msA" Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: ; from des@ofug.org on Mon, Dec 11, 2000 at 07:03:21PM +0100 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --AqsLC8rIMeq19msA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Dec 11, 2000 at 07:03:21PM +0100, Dag-Erling Smorgrav wrote: > I've implemented a set of functions for performing safe string > formatting in the kernel, based on an initial idea (and design) by > Poul-Henning. There's a patch up on freefall: I haven't reviewed this implementation, but introducing a secure string handling API into the kernel has my support as security officer. The current abuse of sprintf() in the kernel is really, really scary. Kris --AqsLC8rIMeq19msA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6NZPKWry0BWjoQKURAg/cAKC3ed/YmIHQTM2dtfHuZF8Qo+6fygCdHLm6 ATYgkgSvJ0hYq6fHZZ2zmS8= =kcYH -----END PGP SIGNATURE----- --AqsLC8rIMeq19msA-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message