Navigation
Search
|
[$] The trouble with struct sockaddr's fake flexible array
Thursday November 7, 2024. 05:34 PM , from LWN.net
Flexible arrays — arrays that are declared as the final member of a
structure and which have a size determined at run time — have long drawn the attention of developers seeking to harden the kernel against buffer-overflow vulnerabilities. These arrays have reliably been a source of bugs, so anything that can be done to ensure that operations on them stay within bounds is a welcome improvement. While many improvements, including the recent counted-by work, have been made, one of the most difficult cases remains. Now, however, developers who are interested in using recent compiler bounds-checking features are trying to get a handle on struct sockaddr.
https://lwn.net/Articles/997094/
Related News |
25 sources
Current Date
Nov, Thu 21 - 13:55 CET
|