caml-list - the Caml user's mailing list
From: Xavier Leroy <xavier.leroy@inria.fr>
To: Charles Martin <joelisp@yahoo.com>
Cc: caml-list@inria.fr
Subject: Re: [Caml-list] Does Marshal handle malicious data?
Date: Wed, 6 Mar 2002 11:59:22 +0100
Message-ID: <20020306115922.B4830@pauillac.inria.fr>
In-Reply-To: <5.1.0.14.0.20020305145423.0288b5b0@192.168.0.1>; from joelisp@yahoo.com on Tue, Mar 05, 2002 at 02:56:25PM -0800

> Will the standard Marshal library correctly generate an exception
> for malicious data?  Or is it possible that it will cause a core
> dump, read past end of string, etc?

No, unmarshaling is not hardened against bad data (except checking the
initial magic number).  So, corrupted data can cause all the bad
things that you mentioned (core dump, etc).

Gracefully recovering from bad data could be implemented, but at
significant run-time cost.  An alternative is to use message
authentication codes and the like to guarantee the integrity of the
data.

- Xavier Leroy
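
An added illustration of the message-authentication-code approach mentioned in the reply above; it is not part of the original message or of the OCaml distribution. It assumes the third-party digestif library for HMAC-SHA256, and the names seal and unseal and the tag-then-payload frame layout are hypothetical choices made for this example.

```ocaml
(* Added example; not from the original message.
   Assumption: the third-party `digestif` library provides HMAC-SHA256.
   `seal`, `unseal` and the frame layout are hypothetical. *)
module H = Digestif.SHA256

(* Frame layout (this example's choice): 32-byte HMAC tag || marshaled bytes. *)
let seal ~(key : string) (v : 'a) : string =
  let payload = Marshal.to_string v [] in
  H.to_raw_string (H.hmac_string ~key payload) ^ payload

(* Returns None unless the tag verifies; Marshal.from_string is only
   reached for bytes produced by a holder of [key]. *)
let unseal ~(key : string) (frame : string) : 'a option =
  let n = H.digest_size in
  if String.length frame < n + Marshal.header_size then None
  else
    let payload = String.sub frame n (String.length frame - n) in
    match H.of_raw_string_opt (String.sub frame 0 n) with
    | None -> None
    | Some tag ->
      (* H.equal is digestif's constant-time digest comparison. *)
      if not (H.equal tag (H.hmac_string ~key payload)) then None
      else Some (Marshal.from_string payload 0)

let () =
  (* Constructed sample key and data, for demonstration only. *)
  let key = "constructed-demo-key-not-for-real-use" in
  let frame = seal ~key [ ("alice", 1); ("bob", 2) ] in
  (match (unseal ~key frame : (string * int) list option) with
   | Some l -> Printf.printf "accepted %d entries\n" (List.length l)
   | None -> print_endline "rejected");
  (* Flip one bit in the last payload byte to simulate corruption. *)
  let tampered = Bytes.of_string frame in
  let i = Bytes.length tampered - 1 in
  Bytes.set tampered i (Char.chr (Char.code (Bytes.get tampered i) lxor 1));
  match (unseal ~key (Bytes.to_string tampered) : (string * int) list option) with
  | Some _ -> print_endline "BUG: tampered frame accepted"
  | None -> print_endline "tampered frame rejected before unmarshaling"
```

The tag only shows that the bytes came from a holder of the key; the type annotation at the unseal call site must still match the type that was sealed, since Marshal itself carries no type information.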