[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation.
|
From: |
Demetrios Obenour |
|
Subject: |
bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation. |
|
Date: |
Sun, 7 Sep 2014 23:17:30 -0400 |
This is crucial. Otherwise, a security vulnerability could result.
MAX_ALLOCA should not be larger than the page size for the target architecture.
Demetrios Obenour
-----Original Message-----
From: bug-gnu-emacs-bounces+demetriobenour=gmail.com@gnu.org
[mailto:bug-gnu-emacs-bounces+demetriobenour=gmail.com@gnu.org] On Behalf Of
Paul Eggert
Sent: Sunday, September 7, 2014 10:38 PM
To: Stefan Monnier
Cc: 18410@debbugs.gnu.org
Subject: bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation.
Stefan Monnier wrote:
> MAX_ALLOCA is chosen small so that we can allocate several/many
> objects of size MAX_ALLOCA.
That's one reason, but another is that stack-overflow checking often relies on
guard pages. If we blindly increase MAX_ALLOCA (or some variant of it, just
for call-process) Emacs could bypass stack-overflow checking, resulting in
behavior that could be worse than simply dumping core.
If I understand things correctly, Dmitry's recent stack-overflow changes don't
affect this, as they don't deal with the guard-page region size.
- bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation., (continued)
- bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation., Dmitry Antipov, 2014/09/08
- bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation., Eli Zaretskii, 2014/09/07
- bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation., Stefan Monnier, 2014/09/08
- bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation., Eli Zaretskii, 2014/09/09
- bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation., Stefan Monnier, 2014/09/09