[Gc] security issue with libgc ?

MenTaLguY mental at rydia.net
Fri Mar 16 09:35:14 PST 2007


On Fri, 16 Mar 2007 16:30:28 +0100, Christophe Meessen <meessen at cppm.in2p3.fr> wrote:
> Could it be possible to provide data that tricks libgc into considering
> some of it as pointers and interfering with its normal activity like
> jeopardizing memory management, crashing the program or worse causing it
> to execute injected code?

Assuming your program is otherwise correct, the worst that can happen is that memory is prevented from being freed because values received from the network happen to look like live references.

To mitigate that, I would suggest allocating any buffers you use for receiving data from the network using gc_malloc_atomic, so the gc knows to ignore any apparent pointers inside them.  It's a good idea anyway, even discounting malicious clients.

-mental
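
The retention effect described in the reply above, as a toy model added here (not libgc's code and not part of the original post): a conservative mark phase over a four-object heap, where the `atomic` flag stands in for a pointer-free allocation such as libgc's GC_malloc_atomic. The struct, function names and payload are all constructed for illustration.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>
#define NOBJ 4
#define WORDS 8

/* Toy heap object; 'atomic' models a pointer-free (never scanned) block. */
struct obj { uintptr_t words[WORDS]; int atomic; int marked; };
static struct obj heap[NOBJ];

/* Conservative test: any word whose value lies inside the heap is
   treated as a reference, interior addresses included. */
static struct obj *looks_like_pointer(uintptr_t w) {
    uintptr_t lo = (uintptr_t)&heap[0], hi = (uintptr_t)&heap[NOBJ];
    if (w < lo || w >= hi) return NULL;
    return &heap[(w - lo) / sizeof(struct obj)];
}

static void mark(struct obj *o) {
    if (o->marked) return;
    o->marked = 1;
    if (o->atomic) return;               /* contents are not scanned */
    for (size_t i = 0; i < WORDS; i++) {
        struct obj *t = looks_like_pointer(o->words[i]);
        if (t) mark(t);
    }
}

/* heap[0] is the receive buffer and the only root. Returns how many
   objects stay marked (unfreeable) after untrusted data lands in it. */
int survivors_after_recv(int buffer_is_atomic) {
    memset(heap, 0, sizeof heap);
    heap[0].atomic = buffer_is_atomic;
    /* Constructed input: integers that happen to equal heap addresses. */
    uintptr_t payload[2] = { (uintptr_t)&heap[2],
                             (uintptr_t)&heap[3].words[1] };
    memcpy(heap[0].words, payload, sizeof payload);
    mark(&heap[0]);
    int n = 0;
    for (int i = 0; i < NOBJ; i++) n += heap[i].marked;
    return n;
}

int main(void) {
    printf("scanned buffer: %d retained\n", survivors_after_recv(0));
    printf("atomic buffer:  %d retained\n", survivors_after_recv(1));
    return 0;
}
```

With a scanned buffer, two otherwise unreachable objects are kept alive by the data alone; with the atomic buffer only the buffer itself survives.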


