FreeBSD Kernel buffer overflow

gerarra at gerarra at
Sat Sep 18 03:24:04 PDT 2004

>What keeps the attacker from installing two syscalls, the first of which
>pokes NOPs over the KASSERT code, and the second of which accepts too
>many arguments?
>If you think we really need this bit of extra security, why not just
>prevent the syscall with too many arguments from being registered by
>syscall_register()?  At least that keeps the check out of the most
>frequently executed path.

This is not intended like a security check, just like a prevention against
accidental buffer overflow (like my proof of concept). This is a quite simple
concept, take care.


More information about the freebsd-hackers mailing list