Re: Bounds checking in extension API

2003-10-17 Thread Dan Sugalski
On Fri, 17 Oct 2003, Simon Glover wrote: > > On Fri, 17 Oct 2003, Dan Sugalski wrote: > > > On Fri, 17 Oct 2003, Simon Glover wrote: > > > > > > > > What, if any, validation of their input should the register access > > > functions in the extension API do? Currently, they don't do any, > > > wh

Re: Bounds checking in extension API

2003-10-17 Thread Simon Glover
On Fri, 17 Oct 2003, Dan Sugalski wrote: > On Fri, 17 Oct 2003, Simon Glover wrote: > > > > > What, if any, validation of their input should the register access > > functions in the extension API do? Currently, they don't do any, > > which means that you can create a buffer overflow simply by

Re: Bounds checking in extension API

2003-10-17 Thread Dan Sugalski
On Fri, 17 Oct 2003, Simon Glover wrote: > > What, if any, validation of their input should the register access > functions in the extension API do? Currently, they don't do any, > which means that you can create a buffer overflow simply by using > a register number >31 or <0; eg, > >Parro