FreeBSD Mail Archives

Date:      Thu, 11 Jan 2018 19:11:38 +1100
From:      Peter Jeremy <peter@rulingia.com>
To:        Sujit K M <sjt.kar@gmail.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Response to Meltdown and Spectre
Message-ID:  <20180111081138.GA10072@server.rulingia.com>
In-Reply-To: <CAOPOgtBiTjXTzu9_bqpP2u-mi8JKLumgBiSpfEJrYUFBpFVWwg@mail.gmail.com>
References:  <20180108175751.GH9701@gmail.com> <CAOPOgtBiTjXTzu9_bqpP2u-mi8JKLumgBiSpfEJrYUFBpFVWwg@mail.gmail.com>


--dDRMvlgZJXvWKvBx
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2018-Jan-10 16:46:01 +0530, Sujit K M <sjt.kar@gmail.com> wrote:
>>From my understanding what is happening is that an array overflow is happ=
ening.
>Can't it be handled more generically.

The array overflow in the example code is solely a convenient mechanism to
make C reference an arbitrary virtual address.  An attacker could import
code from another system so it's not possible to mitigate the vulnerability
by (eg) implementing bounds checking in a compiler.

--=20
Peter Jeremy

--dDRMvlgZJXvWKvBx
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEE7rKYbDBnHnTmXCJ+FqWXoOSiCzQFAlpXHDpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEVF
QjI5ODZDMzA2NzFFNzRFNjVDMjI3RTE2QTU5N0EwRTRBMjBCMzQACgkQFqWXoOSi
CzScxQ//eUrTDRLDkdXM/mr7XvQI04/L8rVdOWToPoopZumfnBBu94gJZuUDbda9
uLfJr19ObHQaf0sRFyJ0KVDPnzCj/quhYiFVtDUvNWbhv2IkUIFZKFoLbiDBLGOv
TCgcCcI8LhAKdZd6vv6p73Lyv2rojIxOJ+nke1hIaqiQH4TEDt0+epwWGFtriI+r
2KKCwycufBaRriAxExqIG7Bkh4svaZQmWpN4uyg6sYjxKsPYN6iMUNYgEmFR0NiV
eJZIst3mvwYhorECNyiVVf+T8U1S/MHOFTBnzgKZN3qMFZJZr426GNsy/Wnz4k3d
tIEX0bGKSIRFtTEdlytKOZW/WkqNsyGtAeyMjFaPjUWK9w7z5YJeDg2171KcG+YG
bwKCsbfhdy4wpGk6RvjNLQ/Smvg63XLIq6BrVBlUvy5A/cbmVsUpoht6eidpxs/N
PGobjq9drbiB4RZ+rV1Ij/R5/JUgCEVJVzTYXBMr859w1L+9crXqpwA/KA/+fTZv
/J/C8Usc6AFX4Ds9NSnYd71/EiNmgPCZSZYAWneJWYdvkPAoxrDr5Ujpi1OQD/aW
59COG6eftLV6KBPPpv93zHM1cRq1gp3RYDZzKO2a9YJOutuXIPhRE0XIV4dVnpQZ
DB8pJeWabC3V5t8qxXZiMwhzArgT7Rox637oniQe+IdCSo7uQV0=
=psn/
-----END PGP SIGNATURE-----

--dDRMvlgZJXvWKvBx--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180111081138.GA10072>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation