Mail Archives: cygwin-developers/2001/11/24/16:39:04
On Sat, Nov 24, 2001 at 04:26:45PM -0500, Christopher Faylor wrote:
> On Sat, Nov 24, 2001 at 10:13:57PM +0100, Corinna Vinschen wrote:
> >On Fri, Nov 23, 2001 at 10:18:35PM -0500, Christopher Faylor wrote:
> >> As I was in the process of adding the fd protection code that was just
> >> mentioned in the cygwin mailing list, I decided to add the normal buffer
> >> checking defensive code to most of the net/socket functions. I've
> >> verified that sshd, inetd, and telnetd still work, but I'd appreciate it
> >> if I could get some assurance that I haven't broken anything else.
> >>
> >> The checking in net.cc was a lot trickier than I had anticipated so
> >> I could easily have gotten something wrong.
> >>
> >> If someone could verify my changes, it would be great.
> >
> >They look ok except for one in cygwin_inet_network() which I've just
> >changed.
> >
> >I have added the missing checks except for cygwin_rcmd() and
> >cygwin_rexec(). They both have a so weird usage of the pointered
> >parameters. Hmm, I could add stuff at least partly.
>
> herror, does something special when it's parameter is NULL, though.
> I don't think a parameter check is appropriate here. linux actually
> gets a SEGV when you pass herror an invalid parameter.
I've just figured already that s == NULL is allowed and changed
the patch locally. But isn't it overopportunistic to have a SEGV
just because the Linux lib doesn't check the parameter?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin AT cygwin DOT com
Red Hat, Inc.
- Raw text -