stdcxx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Farid Zaripov" <Far...@kyiv.vdiweb.com>
Subject RE: Environment for the test of the string functions memory overrun with example
Date Mon, 17 Jul 2006 15:51:03 GMT
 

> -----Original Message-----
> From: Martin Sebor [mailto:sebor@roguewave.com] 
> Sent: Saturday, July 15, 2006 3:17 AM
> To: stdcxx-dev@incubator.apache.org
> Subject: Re: Environment for the test of the string functions 
> memory overrun with example
[...]
> Excellent! Is it expected to pass all assertions? If so, what
> platform(s) did you test it on? I get the output below on Solaris 9.

  I have been tested on Windows XP and SuSe Linux.

  Windows grant read access with write and execute access rights except
PAGE_NOACCESS.
SuSe Linux grant read access with execute access.
I think Solaris 9 grant read access only when PROT_READ is specified
explicitly.

http://www.opengroup.org/onlinepubs/009695399/functions/mmap.html says
that guaranteed only:
- no write access if PROT_WRITE is not specified;
- no any access if prot == PROT_NONE.

------------------------------------------------------------------------
------------
An implementation may permit accesses other than those specified by
prot; however, if the Memory Protection
option is supported, the implementation shall not permit a write to
succeed where PROT_WRITE has not been
set or shall not permit any access where PROT_NONE alone has been set.
------------------------------------------------------------------------
------------


  I see two ways to resolve these asserts:

1) add #elif defined (__linux__) guarded code (see below)

        bool canread = (tcase.prot_ &
#if defined (_WIN32) || defined (_WIN64)
               (RW_PROT_READ | RW_PROT_WRITE | RW_PROT_EXEC))
#elif defined (__linux__)
               (RW_PROT_READ | RW_PROT_EXEC))
#else
               (RW_PROT_READ)
#endif
            && (
                (protbelow && 0 <= tcase.index_)
             || (!protbelow && tcase.index_ < int (tcase.size_))
            );

2) remove check of read access if RW_PROT_READ is not specified
explicitly


  What do you think about this?

Farid.

Mime
View raw message