[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: modifing libc to discover gets()/sprintf() calls
From: Alan Cox <alan () LXORGUK ! UKUU ! ORG ! UK>
Date: 1997-01-30 21:28:55
[Download RAW message or body]
> The only big problem I is that any difference between the libc.a and
> the running libc.so shared library would become painfully obvious
> after creating and installing the new shared library with the
> printf modifications.
Well one other approach would be to use some kind of ELF extension to
mark a symbol of type 'text, insecure'. Then the linker would link the binary
and report
fooprog: symbol _gets is insecure
fooprog: symbol _sprintf is insecure
Alan
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic