[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fixing the ftp crashes found via fuzzer

From: Erik Auerswald
Subject: Re: fixing the ftp crashes found via fuzzer
Date: Sun, 2 Oct 2022 17:32:51 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0


On 01.10.22 18:39, Erik Auerswald wrote:
On 21.09.22 09:15, Simon Josefsson wrote:
Erik Auerswald <auerswal@unix-ag.uni-kl.de> writes:

I'll try to commit and push regression tests and fixes for the first,
third, and fourth problem during the weekend.

Thank you.

What do you all think regarding recursive macros (the second problem)?

Having an arbitrary sized recusion limit of, say, depth 100, while not
ideal (not sure what would be?), may be acceptable.  Alternative, simply
document that the code is vulnerable to infinite recursion.

I think I'll look into adding an arbitrary recursion limit
(with a compile time constant) to avoid the crash on running
out of stack memory.

My first idea is to add a static counter to domacro().  If
it is over the recursion limit when entering the function,
then leave it with an error message.  Otherwise increment
it.  Decrement it before leaving the function.

I'll have to check how many exits the function has.

I have added a maximum nesting depth of 1000 to macro
execution.  This fixes the crash via infinite macro

With this fix, all the crashes of GNU Networking Utilities
found via fuzzer and reported at the end of last year are


reply via email to

[Prev in Thread] Current Thread [Next in Thread]