[Gc] security issue with libgc ?

Florian Weimer fw at deneb.enyo.de
Fri Mar 16 12:24:09 PST 2007


* Christophe Meessen:

> From the documentation I understand that libgc identifies pointers
> by himself in the block data.  How secure is this against specialy
> crafted byte blocks received from the network ?

You could place most of the data you receive from the network into
atomic memory blocks.  This should mitigate the DoS risk.

The collector is conservative in the sense that it only mistakenly
takes an integer for a pointer, but not vice versa.


More information about the Gc mailing list