From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pierre.weis@inria.fr>
Delivered-To: caml-list@yquem.inria.fr
Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78])
	by yquem.inria.fr (Postfix) with ESMTP id 1E735BC75
	for <caml-list@yquem.inria.fr>; Wed, 16 Feb 2005 23:08:03 +0100 (CET)
Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35])
	by nez-perce.inria.fr (8.13.0/8.13.0) with ESMTP id j1GM82pf022554
	for <caml-list@yquem.inria.fr>; Wed, 16 Feb 2005 23:08:02 +0100
Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id XAA28303 for <caml-list@pauillac.inria.fr>; Wed, 16 Feb 2005 23:08:02 +0100 (MET)
Received: from us17.unix.fas.harvard.edu (us17.unix.fas.harvard.edu [140.247.35.197])
	by concorde.inria.fr (8.13.0/8.13.0) with ESMTP id j1GM81ER003989
	for <caml-list@inria.fr>; Wed, 16 Feb 2005 23:08:01 +0100
Received: from [140.247.161.104] (roam161-104.student.harvard.edu [140.247.161.104])
	by us17.unix.fas.harvard.edu (8.12.11/8.12.11) with ESMTP id j1GM7u2H021087
	for <caml-list@inria.fr>; Wed, 16 Feb 2005 17:08:00 -0500
Mime-Version: 1.0 (Apple Message framework v619.2)
Content-Transfer-Encoding: 7bit
Message-Id: <059442cb47f5e19bca230316a6ae6261@fas.harvard.edu>
Content-Type: text/plain; charset=US-ASCII; format=flowed
To: caml-list@inria.fr
From: Mike Hamburg <hamburg@fas.harvard.edu>
Subject: Safe marshall?
Date: Wed, 16 Feb 2005 17:07:55 -0500
X-Mailer: Apple Mail (2.619.2)
X-Miltered: at nez-perce with ID 4213C442.001 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)!
X-Miltered: at concorde with ID 4213C441.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)!
X-Spam: no; 0.00; type-safe:01 marshaling:01 marshaled:01 computed:01 arbitrary:01 arbitrary:01 marshal:01 marshal:01 i'd:05 attacker:05 switching:07 edu:07 rather:07 jump:08 function:08 
X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on yquem.inria.fr
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=disabled 
	version=3.0.2
X-Spam-Level: 

Is there any way to call Marshall in a type-safe way?  I need to use 
marshaling for a networking program, and I'd rather not leave Marshal 
as an arbitrary code execution vulnerability (which it is as far as I 
can tell: switching on a Marshaled value should produce a computed 
jump, which can be set by an attacker to point to an arbitrary place).  
Am I stuck writing my own marshal function?

Mike Hamburg