From owner-freebsd-security Sun Feb 16 18:13:04 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id SAA14267 for security-outgoing; Sun, 16 Feb 1997 18:13:04 -0800 (PST) Received: from gatekeeper.tsc.tdk.com (root@gatekeeper.tsc.tdk.com [207.113.159.21]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA14262 for ; Sun, 16 Feb 1997 18:13:00 -0800 (PST) Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191]) by gatekeeper.tsc.tdk.com (8.8.4/8.8.4) with ESMTP id SAA18122; Sun, 16 Feb 1997 18:12:18 -0800 (PST) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by sunrise.gv.tsc.tdk.com (8.8.4/8.8.4) with ESMTP id SAA09309; Sun, 16 Feb 1997 18:12:17 -0800 (PST) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.4/8.8.4) id SAA23186; Sun, 16 Feb 1997 18:12:12 -0800 (PST) From: Don Lewis Message-Id: <199702170212.SAA23186@salsa.gv.tsc.tdk.com> Date: Sun, 16 Feb 1997 18:12:12 -0800 In-Reply-To: Cy Schubert "Re: buffer overruns" (Feb 16, 1:05pm) X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95) To: cschuber@uumail.gov.bc.ca, Bruce Evans Subject: Re: buffer overruns Cc: dufault@hda.com, roberto@keltia.freenix.fr, freebsd-security@FreeBSD.org Sender: owner-security@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk On Feb 16, 1:05pm, Cy Schubert wrote: } Subject: Re: buffer overruns } } What about the bounds-checking gcc? Would that be a place to start? } You can get it from ftp://dse.doc.ic.ac.uk/pub/misc/bcc/. I'm using it for something right now, but it's not a general purpose solution. It doesn't get along very well with signals. Your code will run about 20 times slower. It works really well in those cases where your software manages to corrupt large parts of its memory before finally core dumping, so that you can't figure out what caused the initial problem by pointing gdb at the core dump. --- Truck