| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Apr 2016 23:10:52 +0200 From: Denys Vlasenko <vda.linux@...glemail.com> To: Andrew Kelley <superjoe30@...il.com> Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: alternatives to null-terminated byte arrays in syscalls in the future? On Fri, Apr 8, 2016 at 11:04 PM, Andrew Kelley <superjoe30@...il.com> wrote: > The open syscall looks like this: > > SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, umode_t, mode) > > filename is a null terminated byte array. Null termination is one way > to handle lengths of byte arrays, but arguably a better way is to keep > track of the length in a separate field. Many programming languages > use pointer + length instead of null termination for various reasons. > > When it's time to make a syscall such as open, software which does not > have a null character at the end of byte arrays are forced to allocate > memory, do a memcpy, insert a null byte, perform the open syscall, > then deallocate the memory. In many cases, it's possible to just add the NUL byte instead. > What are the chances that in the future, Linux will have alternate > syscalls which accept byte array parameters where one can pass the > length of the byte array explicitly instead of using a null byte? 0% chances. Amount of PITA to make that happen far outweighs possible benefits.
Powered by blists - more mailing lists