[7348] in bugtraq

Re: EMERGENCY: new remote root exploit in UW imapd

daemon@ATHENA.MIT.EDU (Peter Jeremy)
Wed Jul 22 14:39:35 1998

Date: 	Wed, 22 Jul 1998 07:49:54 +1000
Reply-To: Peter Jeremy <peter.jeremy@ALCATEL.COM.AU>
From: Peter Jeremy <peter.jeremy@ALCATEL.COM.AU>
X-To:         easmith@BEATRICE.RUTGERS.EDU
To: BUGTRAQ@NETSPACE.ORG

On Mon, 20 Jul 1998 21:13:31 -0400, Allen Smith <easmith@BEATRICE.RUTGERS.EDU> wrote:
>On Jul 16, 11:04pm, Perry E. Metzger (possibly) wrote:
>> One thing that I wonder about, though, is that several years ago, some
>> guy in the U.K. did a bounds checking version of GCC.
>
>http://www-dse.doc.ic.ac.uk/~rj3/bounds-checking.html
>
>This is for 2.7.2. Be forewarned that it results in _very_ slow
>programs

AFAIK it is no longer maintained.  It places a number of unfortunate
restrictions on the code (it's incompatible with setjmp()/longjmp()
and signal handlers require special treatment).  I'm also aware of the
following fairly serious bugs:
- str[n]casecmp() doesn't work when either string contains characters
  with the MSB set (I have submitted patches to fix this).
- side-effects in multi-dimensional array references are evaluated
  multiple times.  In particular `foo[y++][x]' increments y by 2.
  (I can see why this is occurring, but not how to cleanly fix it).

Peter
--
Peter Jeremy (VK2PJ)                    peter.jeremy@alcatel.com.au
Alcatel Australia Limited
41 Mandible St                          Phone: +61 2 9690 5019
ALEXANDRIA  NSW  2015                   Fax:   +61 2 9690 5247
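
A regression check for the two behaviours reported in the message above, written as an added example; it is not part of the original post or of the bounds-checking GCC patches. The function names, the sample strings and the reference comparison are constructed for illustration. Built with the compiler under test in the default "C" locale, each check returns 1 when the behaviour is correct.

```c
#include <ctype.h>
#include <stdio.h>
#include <strings.h>   /* strcasecmp(), strncasecmp() */

/* Reduce a comparison result to -1, 0 or 1. */
static int sign(int v) { return (v > 0) - (v < 0); }

/* Reference comparison (added here): bytes are read as unsigned char, so
 * values with the MSB set are never negative when passed to tolower(). */
static int ref_ncasecmp(const char *a, const char *b, size_t n)
{
    const unsigned char *p = (const unsigned char *)a;
    const unsigned char *q = (const unsigned char *)b;
    for (; n > 0; p++, q++, n--) {
        int d = tolower(*p) - tolower(*q);
        if (d != 0 || *p == '\0')
            return d;
    }
    return 0;
}

/* Returns 1 if str[n]casecmp() agree in sign with the reference on
 * constructed inputs that contain bytes >= 0x80, otherwise 0. */
int casecmp_msb_ok(void)
{
    static const char *s[] = { "caf\xe9", "CAF\xe9", "caf\xc9", "cafe", "\xff", "" };
    size_t n = sizeof s / sizeof s[0];
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < n; j++) {
            if (sign(strcasecmp(s[i], s[j])) != sign(ref_ncasecmp(s[i], s[j], (size_t)-1)))
                return 0;
            if (sign(strncasecmp(s[i], s[j], 3)) != sign(ref_ncasecmp(s[i], s[j], 3)))
                return 0;
        }
    return 1;
}

/* Returns 1 if `foo[y++][x]` reads row 1 and increments y exactly once. */
int index_side_effect_ok(void)
{
    int foo[4][4];
    for (int r = 0; r < 4; r++)
        for (int c = 0; c < 4; c++)
            foo[r][c] = r * 10 + c;   /* every cell gets a distinct value */
    int y = 1, x = 2;
    int v = foo[y++][x];
    return v == 12 && y == 2;
}

int main(void)
{
    int a = casecmp_msb_ok(), b = index_side_effect_ok();
    printf("str[n]casecmp, MSB bytes: %s\nfoo[y++][x] side effect:  %s\n",
           a ? "ok" : "FAIL", b ? "ok" : "FAIL");
    return !(a && b);
}
```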
