From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/206 Path: news.gmane.org!not-for-mail From: Vasiliy Kulikov Newsgroups: gmane.linux.lib.musl.general Subject: Re: holywar: malloc() vs. OOM Date: Sun, 24 Jul 2011 22:33:41 +0400 Message-ID: <20110724183341.GC6429@albatros> References: <20110724103325.GA24069@albatros> <20110724124034.GI132@brightrain.aerifal.cx> <20110724132913.GH27634@port70.net> <20110724132704.GK132@brightrain.aerifal.cx> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: dough.gmane.org 1311532611 13977 80.91.229.12 (24 Jul 2011 18:36:51 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Sun, 24 Jul 2011 18:36:51 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-290-gllmg-musl=m.gmane.org@lists.openwall.com Sun Jul 24 20:36:47 2011 Return-path: Envelope-to: gllmg-musl@lo.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by lo.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1Ql3Xi-0007Gx-W3 for gllmg-musl@lo.gmane.org; Sun, 24 Jul 2011 20:36:47 +0200 Original-Received: (qmail 9810 invoked by uid 550); 24 Jul 2011 18:36:46 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 9802 invoked from network); 24 Jul 2011 18:36:46 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=sender:date:from:to:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=Z+V5h6r4nKA1cTZGFLQAxM1pTCb3/BKcjcHTQVhPOuQ=; b=txHcKkGc/rPRp26sICMUT2HVHVBUoI7VZnBNBXKx+UWgoSQj3UV6L3c/0RlBn1p6Vp TtzdeEbGjoFJGRmEjsZVWAY0haTs1HZiTbziHQYkQbBs/0TrNJTYdBg+DbRZHezOTSNP Z3SfeOUmOl9Yf385YFq1hKriOVhyEtVsQkNvQ= Original-Sender: Vasiliy Kulikov Content-Disposition: inline In-Reply-To: <20110724132704.GK132@brightrain.aerifal.cx> User-Agent: Mutt/1.5.20 (2009-06-14) Xref: news.gmane.org gmane.linux.lib.musl.general:206 Archived-At: On Sun, Jul 24, 2011 at 09:27 -0400, Rich Felker wrote: > > it could "fix" deprecated/dangerous calls > > (maybe turn them into compiletime errors) > > and things like oom failures into runtime errors > > > > so bad code can be compiled against this radical extremist libc > > The only problem I see is that it only catches "known bad" code. Sure, as almost any workaround of API misdesign. > As an > admin I would be inclined to simply look for another program that > performs the function I need, rather than trying to compile in > workarounds, if I knew a program had code that bad.. It depends on the requirements and level of paranoia :) It could be the only program in the required programs class. It could be the only program you may use for non-technical reasons. Other programs could be not much better (re: desktop). In the ideal world any hardening would be redundant ;) -- Vasiliy