olafbuddenha...@gmx.net, le Thu 31 Dec 2009 04:12:21 +0100, a écrit : > On Wed, Dec 30, 2009 at 07:42:21PM +0000, Carl Fredrik Hammar wrote: > > > Strings in RPCs, such as the filename argument to a dir_lookup, are > > not checked if they are terminated by '\0'. This could lead to the > > server segfaulting if it tries to read the string. > > > > Making MIG check that strings are terminated seems like the proper > > fix. > > AIUI, the first step would be implementing actual string support in MiG > at all... > > While this should probably be considered a todo item, in the present > situation, if a server doesn't protect against non-terminated strings, > it's a bug *in this server*.
Yes, but fixing the bug can just be done by implementing what he proposes, adding checks at the _server_ side. Samuel
