Mailinglist Archive: opensuse (3031 mails)

[Aaron Kulkis <akulkis00@xxxxxxxxxx>]

Wolfgang Woehl wrote:
> Donnerstag, 7. Februar 2008 Randall R Schulz:
> > On Thursday 07 February 2008 14:07, Wolfgang Woehl wrote:
>
> > > Randall, for brevity's sake, it can do whatever an ELF LSB
> > > executable chooses to in your backyard.
> > No, that is not so. Can you point me to a known exploit on Firefox
> > (e.g.) that allows execution of arbitrary code? 'Cause that's what
> > you're claiming.
>
> I'm saying any app could.

By what mechanism?

Other than *very* *old*, uncorrected code with buffer-overflow
vulnerabilities, due to calls to strcat(3) instead of
strncat(3), and similar pitfalls which are now very well
understood since the first use in th 1987 Morris Worm,
you have to provide some hard documentation (i.e. code
sections) to make your point here.

These days, nobody writing code for Firefox is using
strcat().  In fact, I would not be surprised if the
dev team had a specific filter written to find any uses
of strcat() so that they can be replaced with strncat(),
and the same for other, similarly vulnerable buffer
copying functions with their -n- sister functions.



--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx