[Gc] security issue with libgc ?

Andrew Haley aph at redhat.com
Fri Mar 16 07:41:57 PST 2007


Christophe Meessen writes:

 > I plan to use libgc in a network application where remote user could 
 > send in data.
 >  From the documentation I understand that libgc identifies pointers by 
 > himself in the block data.
 > How secure is this against specialy crafted byte blocks received from 
 > the network ?
 > Could it be possible to provide data that tricks libgc into considering 
 > some of it as pointers and interfering with its normal activity  like 
 > jeopardizing memory management, crashing the program or worse causing it 
 > to execute injected code ?

Would it be possible to mount a denial of service attack by creating a
lot of data that contained false pointers?  Certainly it would, you
could make a machine run out of memory this way.

But injecting code or crashing the program?  Not unless your program
has some other bug that is triggered by running out of memory.

Andrew.


More information about the Gc mailing list