From: "Demetrios Obenour"
Newsgroups: gmane.emacs.bugs
Subject: bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation.
Date: Sun, 7 Sep 2014 23:17:30 -0400
Message-ID: <020201cfcb13$6d851890$488f49b0$@gmail.com>
To: "'Paul Eggert'", "'Stefan Monnier'"
Cc: 18410@debbugs.gnu.org

This is crucial. Otherwise, a security vulnerability could result. MAX_ALLOCA should not be larger than the page size for the target architecture.

Demetrios Obenour

-----Original Message-----
From: bug-gnu-emacs-bounces+demetriobenour=gmail.com@gnu.org [mailto:bug-gnu-emacs-bounces+demetriobenour=gmail.com@gnu.org] On Behalf Of Paul Eggert
Sent: Sunday, September 7, 2014 10:38 PM
To: Stefan Monnier
Cc: 18410@debbugs.gnu.org
Subject: bug#18410: Use SAFE_ALLOCA etc. to avoid unbounded stack allocation.

Stefan Monnier wrote:
> MAX_ALLOCA is chosen small so that we can allocate several/many
> objects of size MAX_ALLOCA.

That's one reason, but another is that stack-overflow checking often relies on guard pages. If we blindly increase MAX_ALLOCA (or some variant of it, just for call-process) Emacs could bypass stack-overflow checking, resulting in behavior that could be worse than simply dumping core.

If I understand things correctly, Dmitry's recent stack-overflow changes don't affect this, as they don't deal with the guard-page region size.
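
The bounded-allocation pattern discussed in this thread, as an added sketch that is not part of the original messages and is not Emacs source: requests up to a cap of one page use alloca, larger ones fall back to the heap, so no single stack request exceeds one page. The names stack_cap, BOUNDED_ALLOC and sum_via_scratch are hypothetical, and the one-page cap is this example's assumption, not Emacs's MAX_ALLOCA value.

```c
#include <alloca.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Assumed cap for this sketch (not Emacs's MAX_ALLOCA value): one page. */
static size_t stack_cap(void)
{
    long page = sysconf(_SC_PAGESIZE);
    return page > 0 ? (size_t)page : 4096;
}

/* alloca must expand in the caller's own frame, hence a macro.
   *on_heap records which path was taken so the caller knows to free(). */
#define BOUNDED_ALLOC(n, on_heap) \
    ((n) <= stack_cap() ? (*(on_heap) = 0, alloca(n)) \
                        : (*(on_heap) = 1, malloc(n)))

/* Copies n bytes into scratch space and returns their byte sum,
   or -1 if the heap fallback fails. */
long sum_via_scratch(const unsigned char *src, size_t n, int *on_heap)
{
    unsigned char *buf = BOUNDED_ALLOC(n, on_heap);
    if (buf == NULL)
        return -1;
    memcpy(buf, src, n);
    long sum = 0;
    for (size_t i = 0; i < n; i++)
        sum += buf[i];
    if (*on_heap)
        free(buf);      /* stack scratch is released on return */
    return sum;
}

int main(void)
{
    unsigned char small[64];        /* constructed sample input */
    int on_heap;
    memset(small, 1, sizeof small);
    long s = sum_via_scratch(small, sizeof small, &on_heap);
    printf("sum=%ld on_heap=%d cap=%zu\n", s, on_heap, stack_cap());
    return 0;
}
```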