• [$] The trouble with struct sockaddr's fake flexible array

    From LWN.net@1337:1/100 to All on Thu Nov 7 16:45:04 2024
    [$] The trouble with struct sockaddr's fake flexible array

    Date:
    Thu, 07 Nov 2024 16:34:08 +0000

    Description:
    Flexible arrays arrays that are declared as the final member of a
    structure and which have a size determined at run time have long drawn
    the attention of developers seeking to harden the kernel against buffer-overflow vulnerabilities. These arrays have reliably been a source
    of bugs, so anything that can be done to ensure that operations on them
    stay within bounds is a welcome improvement. While many improvements, including the recent counted-by work , have
    been made, one of the most difficult cases remains. Now, however,
    developers who are interested in using recent compiler bounds-checking
    features are trying to get a handle on struct sockaddr .

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/997094/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)