Prach Pongpanich prach...@gmail.com writes:
lintian should not complain about hardening for package written in
pure Ocaml [0],[1],[2]
The problem is, that even pure OCaml contains enough features
that may permit arbitrary memory corruptions by an attacker. For
instance, String.unsafe_blit
Le 06/03/2013 09:37, Hendrik Tews a écrit :
In principle I agree, that programs written in a certain subset
of OCaml do not need these hardening features. However, at the
moment this safe subset is not even identified...
OCaml has a built-in notion of unsafe feature (see ocamlobjinfo
output)
OCaml has a built-in notion of unsafe feature (see ocamlobjinfo
output) that could serve as a starting point for that.
Yes, I tried this on
let f b =
let a = abcde in
let c = Obj.magic b in
String.unsafe_blit c 0 a 0 5
For the .cmo, ocamlobjinfo surprisingly
Le 06/03/2013 10:48, Hendrik Tews a écrit :
OCaml has a built-in notion of unsafe feature (see ocamlobjinfo
output) that could serve as a starting point for that.
Yes, I tried this on
let f b =
let a = abcde in
let c = Obj.magic b in
String.unsafe_blit c
4 matches
Mail list logo