Date:      Sat, 18 Sep 2004 11:31:12 +0200
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Don Lewis <truckman@FreeBSD.org>
Cc:        keramida@FreeBSD.org
Subject:   Re: FreeBSD Kernel buffer overflow
Message-ID:  <20040918093112.GY30151@darkness.comp.waw.pl>
In-Reply-To: <200409180918.i8I9ItWl001012@gw.catspoiler.org>
References:  <20040918090227.GX30151@darkness.comp.waw.pl> <200409180918.i8I9ItWl001012@gw.catspoiler.org>

On Sat, Sep 18, 2004 at 02:18:55AM -0700, Don Lewis wrote:
+> On 18 Sep, Pawel Jakub Dawidek wrote:
+> > On Fri, Sep 17, 2004 at 12:37:12PM +0300, Giorgos Keramidas wrote:
+> > +> % +#ifdef INVARIANTS
+> > +> % +       KASSERT(0 <= narg && narg <= 8, ("invalid number of syscall args"));
+> > +> % +#endif
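Review bot: the `#ifdef INVARIANTS` wrapper around this KASSERT() is redundant, because KASSERT() already expands to nothing in a kernel built without INVARIANTS; the practical consequence is that the bound on narg is only ever checked in debugging kernels, so if narg must stay within the args buffer on every build, enforce it once where the syscall entry is registered rather than in the per-call dispatch path.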
+> >
+> > Maybe:
+> > KASSERT(0 <= narg && narg <= sizeof(args) / sizeof(args[0]),
+> >     ("invalid number of syscall args"));
+> >
+> > So if we decide to increase/decrease it someday, we don't have to remember
+> > about this KASSERT().
+>
+> What keeps the attacker from installing two syscalls, the first of which
+> pokes NOPs over the KASSERT code, and the second of which accepts too
+> many arguments?

First of all, this is not protection from an attacker, but help for bad
programmers.

+> If you think we really need this bit of extra security, why not just
+> prevent the syscall with too many arguments from being registered by
+> syscall_register()?  At least that keeps the check out of the most
+> frequently executed path.

Good point, this is a much better place for it.

-- 
Pawel Jakub Dawidek                       http://www.FreeBSD.org
pjd@FreeBSD.org                           http://garage.freebsd.pl
FreeBSD committer                         Am I Evil? Yes, I Am!
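Don's suggestion of rejecting an oversized argument count at registration time instead of asserting it on every dispatch, as an added userland model in C (not FreeBSD's code: struct sysent_model, model_syscall_register() and model_syscall_dispatch() are hypothetical stand-ins for the kernel's sysent table, syscall_register() and the dispatch path, and the bound is derived from the buffer size as Pawel proposed):

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
#define nitems(x)  (sizeof((x)) / sizeof((x)[0]))
#define MAXSYSCALL 4                     /* constructed: tiny table for the model */
/* Fixed buffer the dispatcher fills from the user frame; its size is the
 * only place the argument limit is written down. */
struct syscall_args_model { uintptr_t a[8]; };
#define SYSARG_MAX nitems(((struct syscall_args_model *)0)->a)
typedef int (*sy_call_model_t)(const uintptr_t *args, int narg);
struct sysent_model {                    /* hypothetical stand-in for struct sysent */
	int             sy_narg;             /* argument count the handler expects */
	sy_call_model_t sy_call;             /* handler, NULL for an unused slot */
};
static struct sysent_model sysent_model[MAXSYSCALL];
/* Registration-time check: a handler whose narg cannot fit the dispatch
 * buffer is refused here, once, instead of being asserted on every call. */
int model_syscall_register(int code, int narg, sy_call_model_t fn)
{
	if (code < 0 || code >= MAXSYSCALL || fn == NULL)
		return (EINVAL);
	if (narg < 0 || (size_t)narg > SYSARG_MAX)
		return (EINVAL);                 /* would overflow sa.a at dispatch */
	if (sysent_model[code].sy_call != NULL)
		return (EEXIST);
	sysent_model[code].sy_narg = narg;
	sysent_model[code].sy_call = fn;
	return (0);
}
/* Dispatch path: copies sy_narg words into the fixed buffer with no bound
 * check of its own, relying on the invariant established at registration. */
int model_syscall_dispatch(int code, const uintptr_t *frame, size_t frame_len)
{
	struct syscall_args_model sa;
	const struct sysent_model *se;
	if (code < 0 || code >= MAXSYSCALL || sysent_model[code].sy_call == NULL)
		return (ENOSYS);
	se = &sysent_model[code];
	if ((size_t)se->sy_narg > frame_len)
		return (EFAULT);                 /* constructed: stand-in for a failed copyin() */
	memcpy(sa.a, frame, (size_t)se->sy_narg * sizeof(sa.a[0]));
	return (se->sy_call(sa.a, se->sy_narg));
}
/* Sample handler (constructed): returns the sum of its arguments. */
int model_sum_handler(const uintptr_t *args, int narg)
{
	int s = 0;
	for (int i = 0; i < narg; i++) s += (int)args[i];
	return (s);
}
```

Growing or shrinking the `a[]` array changes SYSARG_MAX with it, so the registration check never has to be remembered separately.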
