Re: [PATCH] Use NULL in vararg

To: Matthias Andree <matthias.andree@xxxxxx>
Subject: Re: [PATCH] Use NULL in vararg
From: Werner Koch <wk@xxxxxxxxx>
Date: Tue, 09 Nov 2004 10:00:19 +0100
Cc: mutt-dev@xxxxxxxx
In-reply-to: <m3zn1sufg3.fsf@xxxxxxxxxxxxxxxxxxxx> (Matthias Andree's message of "Mon, 08 Nov 2004 23:46:36 +0100")
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?body=unsubscribe>
Mail-followup-to: Matthias Andree <matthias.andree@xxxxxx>, mutt-dev@xxxxxxxx
Organisation: g10 Code GmbH
References: <20041108160458.GC13660@xxxxxxxxxxxxxxx> <m3zn1sufg3.fsf@xxxxxxxxxxxxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

On Mon, 08 Nov 2004 23:46:36 +0100, Matthias Andree said:

> OK, it may fix random character roulette on some 64bit systems, but it
> will still bomb out on a lot of systems (SIGSEGV). %s and (void *)0
> don't mix well unless you're using glibc.

It is important to fix that even if printf later dies with a segv.

Dereferencing a NULL pointer is not serious exploit wise: Almost all
OSes don't map the first first page so that dereferencing of NULL will
for sure raise SIGSEGV.  Allowing to dereference any other bad
addresses may cause serious harm.   Systems with sizeof (int) !=
sizeof (void*) are quite common these days.


Shalom-Salam,

   Werner

References:
- [PATCH] Use NULL in vararg
  - From: Ralf Wildenhues
- Re: [PATCH] Use NULL in vararg
  - From: Matthias Andree

Prev by Date: [2004-11-09] CVS repository changes
Next by Date: Re: [PATCH] Use NULL in vararg
Previous by thread: Re: [PATCH] Use NULL in vararg
Next by thread: Re: [PATCH] Use NULL in vararg
Index(es):
- Date
- Thread