Date: Sun, 12 Dec 2010 21:45:09 -0500 From: Havoc Pennington <hp@...ox.com> To: Rémi Denis-Courmont <remi@...lab.net> Cc: dbus@...ts.freedesktop.org, oss-security@...ts.openwall.com Subject: Re: Clarifications on the D-Bus specification I posted patches to the bug that need testing with your exploit and need a spec patch. My patches assume the max nest depth is 64. Some code in dbus-message.c breaks if a DBusMessage goes over 255, so I'd recommend not going over that. But 128 would be pretty easily possible if desired. I used "2 * DBUS_MAXIMUM_TYPE_RECURSION_DEPTH" instead of adding a new constant to dbus-protocol.h since that was already the max nesting in a signature if you nested arrays in structs. But maybe it should be a new constant, especially if it isn't 64. Someone else will need to pick this up tomorrow and get it pushed, but I hope my start on it is helpful. Thanks Havoc
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.