Date: Sat, 9 Jul 2005 09:04:07 +1000 (EST)
From: Neo-Vortex <root@Neo-Vortex.net>
To: Jeremie Le Hen <jeremie@le-hen.org>
Cc: freebsd-hackers@freebsd.org
Subject: Re: ProPolice: best way to fill canary
Message-ID: <20050709090103.C9307@Neo-Vortex.net>
In-Reply-To: <20050708153506.GM39292@obiwan.tataz.chchile.org>
References: <20050708153506.GM39292@obiwan.tataz.chchile.org>

On Fri, 8 Jul 2005, Jeremie Le Hen wrote:

> Hello hackers,
>
> I'm going to disturb you once again with ProPolice. The original
> ProPolice patch, as well as most of FreeBSD variants and Linux one,
> uses /dev/urandom to fill the "canary" with random data (the canary
> is what is going to be put between buffer and return address in the
> stack). OTOH, OpenBSD uses kern.arnd sysctl to achieve this (this
> is a sysctl front-end to the arc4random() function).

Just one question, why does the canary have to be filled with random data?
Why not just zero it? Sure, you get a single random value to find out how
many zeros to use, but why waste that much good-quality random data (and of
course if there isn't enough in urandom, you would have to make it loop
till there is enough unless you make it just leave the rest as-is)?

IMHO there are no advantages (well, that I can see) of having it random data
rather than just NULL...

Feel free to correct me if I'm wrong...

~NVX
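
The fill step discussed in this thread, including the "loop till there is enough" case, as an added example that is not part of the original message and is not ProPolice's own code. The names fill_canary, read_full and TERMINATOR, the path parameter, and the fixed terminator-style fallback value are assumptions of this sketch.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

/* Fallback pattern (assumption of this example): NUL, NUL, newline, 0xff. */
static const unsigned char TERMINATOR[4] = { 0, 0, '\n', 0xff };

/* Read exactly len bytes, retrying on EINTR and on short reads. */
static int read_full(int fd, unsigned char *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0) {
            if (errno == EINTR)
                continue;        /* interrupted by a signal: try again */
            return -1;           /* real I/O error */
        }
        if (n == 0)
            return -1;           /* EOF before the canary was complete */
        got += (size_t)n;
    }
    return 0;
}

/* Fill the canary from `path` (hypothetical parameter; normally
 * "/dev/urandom"). Returns 1 if the canary holds random bytes, 0 if the
 * source was unusable and the fixed fallback pattern was written. */
int fill_canary(const char *path, unsigned char *canary, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd >= 0) {
        int rc = read_full(fd, canary, len);
        close(fd);
        if (rc == 0)
            return 1;
    }
    /* Never leave a partially filled canary: overwrite every byte. */
    for (size_t i = 0; i < len; i++)
        canary[i] = TERMINATOR[i % 4];
    return 0;
}

int main(void)
{
    unsigned char guard[8];
    return fill_canary("/dev/urandom", guard, sizeof guard) ? 0 : 1;
}
```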