[Chicken-hackers] [PATCH] *portable* fix for select() buffer overrun

chicken-hackers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Chicken-hackers] [PATCH] portable fix for select() buffer overrun

From:	Peter Bex
Subject:	[Chicken-hackers] [PATCH] portable fix for select() buffer overrun
Date:	Sun, 18 Nov 2012 21:09:51 +0100
User-agent:	Mutt/1.4.2.3i

Hello all,

Windows is a pain in the neck.  Here's a patch that uses poll() on
all systems except Windows.  This should work around the buffer overrun
vulnerability in select() described in
http://lists.nongnu.org/archive/html/chicken-users/2012-06/msg00031.html
I hope we can finally check this one off our list; it's been almost
half a year!

I've tested Spiffy on NetBSD with Slowloris, and I couldn't get it to
crash when HAVE_POSIX_POLL was defined, whereas it would crash quickly
when it wasn't (but only in a DEBUGBUILD; for some reason a normal build
won't crash so easily).

Cheers,
Peter
-- 
http://sjamaan.ath.cx
--
"The process of preparing programs for a digital computer
 is especially attractive, not only because it can be economically
 and scientifically rewarding, but also because it can be an aesthetic
 experience much like composing poetry or music."
                                                        -- Donald Knuth

0001-Fix-select-buffer-overrun-vulnerability-by-using-POS.patch
Description: Text document

[Prev in Thread]

Current Thread

[Next in Thread]

[Chicken-hackers] [PATCH] *portable* fix for select() buffer overrun, Peter Bex <=
- Re: [Chicken-hackers] [PATCH] *portable* fix for select() buffer overrun, Felix, 2012/11/20

Prev by Date: [Chicken-hackers] [PATCH] csc: avoid overwriting files given on command line
Next by Date: Re: [Chicken-hackers] [PATCH] csc: avoid overwriting files given on command line
Previous by thread: [Chicken-hackers] [PATCH] csc: avoid overwriting files given on command line
Next by thread: Re: [Chicken-hackers] [PATCH] *portable* fix for select() buffer overrun
Index(es):
- Date
- Thread