BIND 10 #2749: kill io_utilities.h or make it safe
BIND 10 Development
do-not-reply at isc.org
Fri Feb 15 03:46:21 UTC 2013
#2749: kill io_utilities.h or make it safe
-------------------------------------+-------------------------------------
Reporter: | Owner:
jinmei | Status: new
Type: | Milestone: Next-Sprint-
defect | Proposed
Priority: high | Keywords:
Component: | Sensitive: 0
Unclassified | Sub-Project: Core
CVSS Scoring: | Estimated Difficulty: 0
Defect Severity: N/A | Total Hours: 0
Feature Depending on Ticket: |
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
API defined in util/io_utilities.h looks very dangerous: It
reads/writes raw C pointers without any length information. That's a
typical 20C design and is waiting for arbitrary-code execution bugs.
Fortunately it doesn't seem to be used except in unit tests and
some very limited cases of DHCP code, but I suggest we deprecate it or
at least revise using safer primitive (if performance doesn't matter
such as in cases of tests, use C++ vector, for example; if it's
highly performance sensitive, at least add length arg and explicit
range check inside the functions).
--
Ticket URL: <http://bind10.isc.org/ticket/2749>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list