httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Richards <p...@netcraft.co.uk>
Subject Re: Replacement for mktemp and httpd_monitor
Date Thu, 28 Dec 1995 00:09:57 GMT
In reply to David Robinson who said
> 
> >Strings should be malloced at run time, avoids problems with
> >fixed length buffers and reduces the executable image...
> 
> Errr, no; not unless your linker is broken.

Ehh? What's the linker got to do with it?

> 
> > and generally make better use of memory.
> 
> Not necessarily. Yes, you get some wastage with static strings, but you don't
> get any problems with fragmentation of your heap -- that wastes memory too.
> (Although not in Apache as currently designed; but it would be a problem
> for a multi-threaded daemon.) In fact, alloca(), i.e. allocation on a stack,
> would be best for Apache.

What heap is this you're talking about? Why would allocation on a stack be
best for Apache?

> >Also makes security holes with sprintf a non-issue because strings aren't on
> >the stack. It'd also make string overflows rather obvious because the thing
> >will SIGSEGV.
> 
> Very bogus. This reminds me of a claim made by a data processing manager from
> Halifax Building Society in a UK court: `We know there are no bugs in our
> program because it is written in IBM/370 assembler, and if we makes a mistake
> it abends.' (IBM 0C4 abend is eqivalent to SIGSEGV. IBM error manual
> nostalgia: 'OC4 abend; Cause: progammer error. Fix: fix the bug and recompile')

Not bogus at all. If a string overflow exists then there is a bug
in the code.  Using malloc'd memory means that the result of that
bug is an immediate SIGSEGV. Using a fixed length buffer on the
stack means that the result of the bug is indeterminate. It may
work fine in many situations because it clobbers "safe" memory then
in other circumstances it could trash your stack or create some
fluke executable sequence that did all sorts of things.

Which one do you think is the better outcome of a bug? Which outcome do
you think would allow the bug to be spotted and fixed soonest?

-- 
  Paul Richards, Netcraft Ltd.
  Internet: paul@netcraft.co.uk, http://www.netcraft.co.uk
  Phone: 0370 462071 (Mobile), +44 1225 447500 (work)

Mime
View raw message