Launchpad has imported 4 comments from the remote bug at http://sourceware.org/bugzilla/show_bug.cgi?id=10149.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2009-05-12T18:05:34+00:00 Kees Cook wrote: When building the stack guard, it has been traditionally important to have the value start (in memory) with a zero byte to protect the guard value (and the rest of the stack past it) from being read via strcpy, etc. This patch reduces the number of random bytes by one, leaving the leading zero byte. Reply at: https://bugs.launchpad.net/glibc/+bug/413278/comments/0 ------------------------------------------------------------------------ On 2009-05-12T18:05:58+00:00 Kees Cook wrote: Created attachment 3933 keep leading zero Reply at: https://bugs.launchpad.net/glibc/+bug/413278/comments/1 ------------------------------------------------------------------------ On 2009-05-14T21:48:40+00:00 Kees Cook wrote: I should clarify -- the read-blocking is nice, but the more common reason the leading zero is important is to avoid the guard being written as part of a larger overflow being written out by a str* function, if its value were leaked to an attacker in some other way. Reply at: https://bugs.launchpad.net/glibc/+bug/413278/comments/2 ------------------------------------------------------------------------ On 2011-05-15T15:00:37+00:00 Drepper-fsp wrote: I've applied a cleaner and more efficient patch. Reply at: https://bugs.launchpad.net/glibc/+bug/413278/comments/11 ** Changed in: glibc Status: Confirmed => Fix Released ** Changed in: glibc Importance: Unknown => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/413278 Title: stack protector guard value does not lead with a NULL byte -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
