Hello,
I'm wondering whether there is an exploitable TOCTTOU race condition in the way
user pointers are handled in the kernel. Consider the following code:
1: struct st { int *u; };
2: void syscall(struct st * stp) {
3:     if (!access_ok(VERIFY_READ, stp, sizeof(struct st)))
4: