| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87v7zetg1j.fsf@oldenburg3.str.redhat.com> Date: Mon, 02 Sep 2024 14:07:36 +0200 From: Florian Weimer <fweimer@...hat.com> To: Rich Felker <dalias@...c.org> Cc: "H.J. Lu" <hjl.tools@...il.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, linux-api@...r.kernel.org, libc-alpha@...rceware.org, musl@...ts.openwall.com Subject: Re: [musl] AT_MINSIGSTKSZ mismatched interpretation kernel vs libc * Rich Felker: > This is ambiguously worded (does "operating system" mean kernel?) and > does not agree with POSIX, which defines it as: > > Minimum stack size for a signal handler. > > And otherwise just specifies that sigaltstack shall fail if given a > smaller size. > > The POSIX definition is also underspecified but it's clear that it > should be possible to execute at least a do-nothing signal handler > (like one which immediately returns and whose sole purpose is to > induce EINTR when intalled without SA_RESTART), or even a minimal one > that does something like storing to a global variable, with such a > small stack. Allowing a size where even a do-nothing signal handler > results in a memory-clobbering overflow or access fault seems > non-conforming to me. POSIX does not specify what happens on a stack overflow (or more generally, if most resource limits are exceeded), so I think the behavior is conforming on a technicality. Thanks, Florian
Powered by blists - more mailing lists