Navigation
Recherche
|
[$] The trouble with struct sockaddr's fake flexible array
jeudi 7 novembre 2024, 17:34 , par LWN.net
Flexible arrays — arrays that are declared as the final member of a
structure and which have a size determined at run time — have long drawn the attention of developers seeking to harden the kernel against buffer-overflow vulnerabilities. These arrays have reliably been a source of bugs, so anything that can be done to ensure that operations on them stay within bounds is a welcome improvement. While many improvements, including the recent counted-by work, have been made, one of the most difficult cases remains. Now, however, developers who are interested in using recent compiler bounds-checking features are trying to get a handle on struct sockaddr.
https://lwn.net/Articles/997094/
Voir aussi |
56 sources (32 en français)
Date Actuelle
ven. 8 nov. - 01:48 CET
|