|
From: | Erik Auerswald |
Subject: | Re: fixing the ftp crashes found via fuzzer |
Date: | Sun, 2 Oct 2022 17:32:51 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 |
Hi, On 01.10.22 18:39, Erik Auerswald wrote:
On 21.09.22 09:15, Simon Josefsson wrote:Erik Auerswald <auerswal@unix-ag.uni-kl.de> writes:I'll try to commit and push regression tests and fixes for the first, third, and fourth problem during the weekend.Thank you.What do you all think regarding recursive macros (the second problem)?Having an arbitrary sized recusion limit of, say, depth 100, while not ideal (not sure what would be?), may be acceptable. Alternative, simply document that the code is vulnerable to infinite recursion.I think I'll look into adding an arbitrary recursion limit (with a compile time constant) to avoid the crash on running out of stack memory. My first idea is to add a static counter to domacro(). If it is over the recursion limit when entering the function, then leave it with an error message. Otherwise increment it. Decrement it before leaving the function. I'll have to check how many exits the function has.
I have added a maximum nesting depth of 1000 to macro execution. This fixes the crash via infinite macro recursion. With this fix, all the crashes of GNU Networking Utilities found via fuzzer and reported at the end of last year are addressed. Br, Erik
[Prev in Thread] | Current Thread | [Next in Thread] |