[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Imminent bugfix release (1.97.1)
From: |
Vladimir 'phcoder' Serbinenko |
Subject: |
Re: Imminent bugfix release (1.97.1) |
Date: |
Tue, 10 Nov 2009 20:01:34 +0100 |
User-agent: |
Mozilla-Thunderbird 2.0.0.22 (X11/20091109) |
Duboucher Thomas wrote:
> Bean a écrit :
> > Hi,
>
> > My previous function ensures that execution time is the same
> > regardless of the input. Although it's not necessary, I guess it's a
> > nice feature to have. BTW, the simpler function does leak one
> > information, the size of buffer as the execution time would increase
> > until the buffer size is reached.
>
>
> Hi,
>
> Yes, constant time of execution _is_ a constraint of this function.
> However, I don't think that giving access to the size of the buffer is a
> leak per se, the source code of Grub being available for everyone; We
> only need not to leak more informations than already available.
>
Yes. No security analysis can assume attacker doesn't have the source code
> Thomas.
_______________________________________________
Grub-devel mailing list
address@hidden
http://lists.gnu.org/mailman/listinfo/grub-devel
--
Regards
Vladimir 'phcoder' Serbinenko
signature.asc
Description: OpenPGP digital signature
- Re: Imminent bugfix release (1.97.1), (continued)
- Re: Imminent bugfix release (1.97.1), address@hidden, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Duboucher Thomas, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Duboucher Thomas, 2009/11/10
- Re: Imminent bugfix release (1.97.1),
Vladimir 'phcoder' Serbinenko <=
- Re: Imminent bugfix release (1.97.1), Vladimir 'phcoder' Serbinenko, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Duboucher Thomas, 2009/11/10
- Re: Imminent bugfix release (1.97.1), address@hidden, 2009/11/10
- Re: Imminent bugfix release (1.97.1), Duboucher Thomas, 2009/11/10