curl-library

Re: Regarding CVE-2016-9594 (uninitialized random)

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Fri, 17 Feb 2017 18:21:32 +0100

On Friday, February 17, 2017 17:14:37 Andreas Mohr wrote:
> 0. The code used an old-style BREAK-CAST *)
> in order to work around (not: treat!) a transition issue caused by mismatch
> of API signatures (ROOT CAUSE)

I do not understand what you mean by BREAK-CAST. Assuming I am not the only
one who does not understand it, putting it to the advisory would hardly help.

> 1. very relevant activity did code changes *and* moved files
> (which strongly hampered detection by manual code reviews)

I also prefer to split commits that just move source code around from commits
that are intended to change the actual behavior. Writing it to the advisory
would make it overly chatty though. I think it is obvious that each single
commit can be made better (for review, maintenance and everything) if you have
enough manpower.

> [...]
>
>
> *) this is a bit of a stretch, since
> with C language, this cast isn't old-style: there is that kind of cast only
> (only C++ has "some" cast protection against the worst kinds of interface
> transition abuses). In C, ways to still try to avoid destructive cast
> issues might be: - (for sufficiently frequently invoked code parts) to
> create some helper functions which do the casting internally, thus in a
> controlled, maximally central manner - avoid API transition mismatch issues

Which version of C++ supports "safe" cast of (char *) to (unsigned char *)?

Kamil
Received on 2017-02-17