Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: EMERGENCY: new remote root exploit in UW imapd

From: peter.jeremy () ALCATEL COM AU (Peter Jeremy)
Date: Wed, 22 Jul 1998 07:49:54 +1000

On Mon, 20 Jul 1998 21:13:31 -0400, Allen Smith <easmith () BEATRICE RUTGERS EDU> wrote:

On Jul 16, 11:04pm, Perry E. Metzger (possibly) wrote:

One thing that I wonder about, though, is that several years ago, some
guy in the U.K. did a bounds checking version of GCC.


http://www-dse.doc.ic.ac.uk/~rj3/bounds-checking.html

This is for 2.7.2. Be forewarned that it results in _very_ slow
programs


AFAIK it is no longer maintained.  It places a number of unfortunate
restrictions on the code (it's incompatible with setjmp()/longjmp()
and signal handlers require special treatment).  I'm also aware of the
following fairly serious bugs:
- str[n]casecmp() doesn't work when either string contains characters
  with the MSB set (I have submitted patches to fix this).
- side-effects in multi-dimensional array references are evaluated
  multiple times.  In particular `foo[y++][x]' increments y by 2.
  (I can see why this is occurring, but not how to cleanly fix it).

Peter
--
Peter Jeremy (VK2PJ)                    peter.jeremy () alcatel com au
Alcatel Australia Limited
41 Mandible St                          Phone: +61 2 9690 5019
ALEXANDRIA  NSW  2015                   Fax:   +61 2 9690 5247
Previous By Date Next
Previous By Thread Next

Current thread: