From owner-freebsd-security@FreeBSD.ORG Tue Sep 15 17:35:25 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B86081065670 for ; Tue, 15 Sep 2009 17:35:25 +0000 (UTC) (envelope-from chris@noncombatant.org) Received: from strawberry.noncombatant.org (strawberry.noncombatant.org [64.142.6.126]) by mx1.freebsd.org (Postfix) with ESMTP id A1FBB8FC23 for ; Tue, 15 Sep 2009 17:35:25 +0000 (UTC) Received: by strawberry.noncombatant.org (Postfix, from userid 1001) id C758C775171; Tue, 15 Sep 2009 10:17:42 -0700 (PDT) Date: Tue, 15 Sep 2009 10:17:42 -0700 From: Chris Palmer To: Pieter de Boer , freebsd-security@freebsd.org Message-ID: <20090915171742.GB24361@noncombatant.org> References: <4AAF4A64.3080906@thedarkside.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4AAF4A64.3080906@thedarkside.nl> User-Agent: Mutt/1.4.2.3i Cc: Subject: Re: Protecting against kernel NULL-pointer derefs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Sep 2009 17:35:25 -0000 Pieter's approach to the problem seems reasonable. If it provides some safety without breaking any/too many applications, why not adopt it? I wonder how many of these kinds of issues could also be caught with unit tests/regression tests. See also: the CanSecWest 2009 FreeBSD bugs by Christer Oberg and Neil Kettle. -- http://www.noncombatant.org/ http://hemiolesque.blogspot.com/