FreeBSD Kernel buffer overflow
gerarra at tin.it
gerarra at tin.it
Sat Sep 18 03:24:04 PDT 2004
>What keeps the attacker from installing two syscalls, the first of which
>pokes NOPs over the KASSERT code, and the second of which accepts too
>many arguments?
>
>If you think we really need this bit of extra security, why not just
>prevent the syscall with too many arguments from being registered by
>syscall_register()? At least that keeps the check out of the most
>frequently executed path.
This is not intended like a security check, just like a prevention against
accidental buffer overflow (like my proof of concept). This is a quite simple
concept, take care.
rookie
More information about the freebsd-hackers
mailing list