Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 4 May 2017 10:51:43 -0400
From: Daniel Micay <danielmicay@...il.com>
To: Kees Cook <keescook@...omium.org>, kernel-hardening@...ts.openwall.com
Cc: Daniel Micay <danielmicay@...il.com>
Subject: Re: [PATCH] add the option of fortified string.h functions

There are temporary workarounds for the overflows this found in
https://github.com/thestinger/linux-hardened/commits/4.11, but not
real fixes yet. There are some mostly harmless misuses of memcpy
instead of strncpy and memcmp instead of strncmp where the source is a
string constant. The arm64 vdso code uses memcmp with the address of
'char vdso_start' so perhaps that can become 'char
vdso_start[PAGE_SIZE]' instead. One of the issues looks a bit more
concerning.

I haven't found any issues at runtime but that doesn't mean much since
none of the compile-time issues were in code that's used on my
desktop. This has been used on a 3.18 LTS arm64 kernel targeting the
Pixel / Pixel XL on CopperheadOS for a while and found a real runtime
stack buffer write overflow there in an out-of-tree driver. I'm
somewhat surprised by the fact that there are real buffer overflows
lying around that are this easily found without any fuzzing, etc.
rather than this feature only providing a fair bit of runtime coverage
to mitigate bugs that require edge cases.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.