From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Daniel Colascione Newsgroups: gmane.emacs.bugs Subject: bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation. Date: Sun, 07 Sep 2014 20:19:48 -0700 Message-ID: <540D2054.4000909@dancol.org> References: <5409536B.5090201@cs.ucla.edu> <540C0741.8090900@cs.ucla.edu> <83bnqrcq7u.fsf@gnu.org> <540CC106.8040705@cs.ucla.edu> <540D1699.2030903@cs.ucla.edu> <020201cfcb13$6d851890$488f49b0$@gmail.com> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="7Jjk5lvW4aV2OGMlj4B704tM5LdDeCt34" X-Trace: ger.gmane.org 1410146426 18987 80.91.229.3 (8 Sep 2014 03:20:26 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 8 Sep 2014 03:20:26 +0000 (UTC) Cc: 18410@debbugs.gnu.org To: Demetrios Obenour , 'Paul Eggert' , 'Stefan Monnier' Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Mon Sep 08 05:20:19 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1XQpV4-0006BU-VY for geb-bug-gnu-emacs@m.gmane.org; Mon, 08 Sep 2014 05:20:19 +0200 Original-Received: from localhost ([::1]:40403 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XQpV4-0002fx-El for geb-bug-gnu-emacs@m.gmane.org; Sun, 07 Sep 2014 23:20:18 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:51994) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XQpUv-0002eq-WF for bug-gnu-emacs@gnu.org; Sun, 07 Sep 2014 23:20:15 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XQpUp-0007c6-7T for bug-gnu-emacs@gnu.org; Sun, 07 Sep 2014 23:20:09 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:41584) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XQpUp-0007bf-1U for bug-gnu-emacs@gnu.org; Sun, 07 Sep 2014 23:20:03 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1XQpUo-0003Bd-Ho for bug-gnu-emacs@gnu.org; Sun, 07 Sep 2014 23:20:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Daniel Colascione Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 08 Sep 2014 03:20:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 18410 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 18410-submit@debbugs.gnu.org id=B18410.141014640012238 (code B ref 18410); Mon, 08 Sep 2014 03:20:02 +0000 Original-Received: (at 18410) by debbugs.gnu.org; 8 Sep 2014 03:20:00 +0000 Original-Received: from localhost ([127.0.0.1]:33148 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XQpUl-0003BJ-Ov for submit@debbugs.gnu.org; Sun, 07 Sep 2014 23:20:00 -0400 Original-Received: from dancol.org ([96.126.100.184]:38123) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XQpUj-0003B8-4a for 18410@debbugs.gnu.org; Sun, 07 Sep 2014 23:19:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dancol.org; s=x; h=Content-Type:In-Reply-To:References:Subject:CC:To:MIME-Version:From:Date:Message-ID; bh=l0ej6d0x2e4BC73g8hDoOAd3t3vM/D7pVyYWSmgN+Fk=; b=lSBWhEuLQ4QOaqKQZZRziwEcgJ65GFab9OxuG+DtLRKOjNcsiJM27Qpvq4P2RBhnVhnuIUK+EGjr07lxCjUFBA5O6uHXiHGFUXsUW2yDmGr0Rxkq1Mf/oGMVZ+AVsNSiPtVOFf+PvFLjg2wQLRODMVao/5NDukk+QPughnrgXV5Tfyp6b3ZfSmxEfKzkKc4Rszon1SIcOSZEeQRsv4Iel8VJGusjqSPYsnZHxaJNmR9PtVu3JIqAm/GCOg6k+k/nG8DYmLuHys5fYWXCKIHcLOE2L0aT1elzgGYbkkX/SI3wwtRtpCHeZ5D6ztKzNynd2RtH7VfTD184dgeDqIIFNQ==; Original-Received: from [2620:0:1cfe:9a:863a:4bff:fec8:e538] by dancol.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_RC2) (envelope-from ) id 1XQpUg-0005YS-Qe; Sun, 07 Sep 2014 20:19:54 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0 In-Reply-To: <020201cfcb13$6d851890$488f49b0$@gmail.com> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:93136 Archived-At: This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --7Jjk5lvW4aV2OGMlj4B704tM5LdDeCt34 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 09/07/2014 08:17 PM, Demetrios Obenour wrote: > This is crucial. Otherwise, a security vulnerability could result. >=20 > MAX_ALLOCA should not be larger than the page size for the target archi= tecture. You could just touch every page inside a large alloca. --7Jjk5lvW4aV2OGMlj4B704tM5LdDeCt34 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUDSBUAAoJEN4WImmbpWBldVoP/2FnpZ8EvYST00r0mBF+8zkw XC8ddVYIGsxRT0iwhSS+g5uP90iaz4XHyUj/oYwcd3uvXf7f8o1RC3kk47xMHBHK 13ES4h7J0W6PXvIafmJBzbSnxhE3x114rk1IBLT6S4hG4eKIW05erKJaqEEXr5vi 6G4f63tk/VHwZ0VzRh6NVruWncoqnD7B6hYSPDk16fJa4jKJ2lAL+QOfkxhSgevX zVEFG93esFSG1zXlyV3e3tmnRIBXOYGc6t2UZUeH88RmiDwZxxA0HOzFNvSj6d62 yFMSc8/cLRxbKX7ZLFhw9PsMF4W411u9/JGc2QtXxMMg7iQka/md/CohrrwlBgsY R0mZynp1UahJu5UjkEcEiphMF9CERxKj8QxpCZoApT7c5EkgygJAZANTUFa3mkF0 vTMbLWxRIuvIV8+wgHlMhM0P0gSWetoISt+cCeUGHCEIn+hoG5dKqF2rdUuSZ8nJ QJwqlF0PCH4sHufVJtfe8cMaFNm9AsQN8FYllOwjK8aFvTtosTy5Wry6tMPYRdr7 fVHKYEsY1PX4+Io78AD0qwjsk5rTWMkK4UET5ZjyBMtfTeesVtX2vArZp72TyWkf SIBZ6sCIjyunRtyOe0IZ5aIXtBYenAWjS3RwXcKZQ4GscIufhAnEI+/sfnPYijMt /y0lBpsyRZ3bdaG/ziS7 =9jj/ -----END PGP SIGNATURE----- --7Jjk5lvW4aV2OGMlj4B704tM5LdDeCt34--