From: Brent W. <we...@pa...> - 2004-07-20 21:38:20

I can't help but point out that you need to write a string that consumes all of the process's virtual memory space in the heap, which makes it very unlikely that the process will do anything but get aborted by the operating system. Tcl will simply panic when its malloc fails. This is quite different than the standard gets() buffer overflow attack where you can craftily put nasty code instructions on the stack and cause the program to misbehave in predictable ways.

>>>Colin McCormack said:
> On Tue, 2004-07-20 at 14:51, Gerald W. Lester wrote:
> > Colin McCormack wrote:
> >
> > >However, on a peripherally related matter, GPS has pointed out on tcl
> > >chat that it's possible to crash the underlying tcl by sending an
> > >*extremely* long string - because [gets] has no bounds checking on the
> > >length of a line, and tcl will eventually run out of allocatable storage
> > >for buffering.
> >
> > >Probably the best/only/complete solution to that is a TIP to fconfigure
> > >a line limit.
> >
> > Actually I'd like to see things use read and TIP for an option -breakon
> > ListOfChars
>
> Why would you prefer this, Gerald? I have no objection to it at all,
> but I'm interested to know what it buys.
>
> I think the gets overflow problem is similar to the C gets() overflow,
> but it has the desirable property of crashing tcl rather than allowing
> the sender to execute arbitrary code :) Given that [gets] will continue
> to exist, [gets] overflow and tcl crash will always be a problem, so I
> see your suggestion as orthogonal to this specific problem, although it
> may stand on its own merits.
> --
> Colin McCormack <co...@ch...>
>
> _______________________________________________
> TclHttpd-users mailing list
> Tcl...@li...
> https://lists.sourceforge.net/lists/listinfo/tclhttpd-users

--
Brent Welch
Software Architect, Panasas Inc
Delivering the premier storage system for scalable Linux clusters
www.panasas.com
we...@pa...
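As an added example (not code from this thread or from TclHttpd), the following Tcl implements the workaround Gerald alludes to: a line reader built on [read] rather than [gets], which refuses a line once more than a caller-supplied number of bytes arrive without a newline, so a client sending an endless line is disconnected instead of driving the process to a malloc panic. The proc names bounded_gets and bounded_close, the errorCode LINE_TOO_LONG, the 4096-byte chunk size and the 8192-byte limit used in the demo are assumptions made for this example; the demo input is constructed inline.

```tcl
# Added example, not code from the thread or from TclHttpd: a bounded line
# reader built on [read] that refuses a line once more than $limit bytes
# arrive without a newline. The names bounded_gets/bounded_close, the
# errorCode LINE_TOO_LONG and the limits used below are assumptions.

# Bytes read past the end of the previous line, kept per channel so the
# caller can keep calling bounded_gets on the same channel.
array set ::bounded_carry {}

# bounded_gets chan limit varName ?chunk?
# Stores the next line (without its newline) in varName and returns its
# length, or -1 at end of file with no data pending. Raises an error with
# -errorcode LINE_TOO_LONG if more than $limit bytes arrive with no newline.
# The channel is assumed to be blocking. Memory held on behalf of one
# client never exceeds $limit + $chunk bytes, however much it sends.
proc bounded_gets {chan limit varName {chunk 4096}} {
    upvar 1 $varName line
    if {![info exists ::bounded_carry($chan)]} {
        set ::bounded_carry($chan) ""
    }
    set buf $::bounded_carry($chan)
    while 1 {
        set nl [string first "\n" $buf]
        if {$nl >= 0} {
            set line [string range $buf 0 [expr {$nl - 1}]]
            set ::bounded_carry($chan) [string range $buf [expr {$nl + 1}] end]
            return [string length $line]
        }
        if {[string length $buf] > $limit} {
            # Drop the oversize prefix before raising so a retry cannot be
            # forced to keep it; the caller is expected to close the channel.
            set ::bounded_carry($chan) ""
            return -code error -errorcode LINE_TOO_LONG \
                "line exceeds $limit bytes without a newline"
        }
        set data [read $chan $chunk]
        if {$data eq ""} {
            # On a blocking channel [read] returns "" only at end of file.
            set ::bounded_carry($chan) ""
            if {$buf eq ""} {
                return -1
            }
            set line $buf
            return [string length $line]
        }
        append buf $data
    }
}

# Forget the carry buffer when a channel is closed.
proc bounded_close {chan} {
    unset -nocomplain ::bounded_carry($chan)
    close $chan
}

# Demo on constructed input: a normal request line, then a 100000-byte
# line with no newline (the attack described in the thread), then another
# ordinary line that is never reached because the oversize line is rejected.
proc demo {} {
    set out [file tempfile path]
    fconfigure $out -translation binary
    puts -nonewline $out "GET /index.html HTTP/1.0\n"
    puts -nonewline $out [string repeat A 100000]
    puts -nonewline $out "\nHost: example\n"
    close $out

    set in [open $path r]
    fconfigure $in -translation binary
    set results {}
    while 1 {
        if {[catch {bounded_gets $in 8192 line} n]} {
            lappend results "rejected: $::errorCode"
            break
        }
        if {$n < 0} {
            break
        }
        lappend results "ok: $line"
    }
    bounded_close $in
    file delete $path
    return $results
}

puts [join [demo] "\n"]
```

The first line is returned normally; the second call raises LINE_TOO_LONG after buffering at most 8192 + 4096 bytes, and the loop closes the channel, which is what a server should do with that client. This is purely an application-level replacement for [gets]; it does not rely on the fconfigure line limit or the -breakon option discussed above, neither of which existed at the time of the thread.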