[GitHub] [incubator-nuttx] patacongo edited a comment on issue #1359: Many IOCTL handlers do not validate the address of their argument

[GitBox <gi...@apache.org>]

patacongo edited a comment on issue #1359:
URL: https://github.com/apache/incubator-nuttx/issues/1359#issuecomment-653672158


   > 
   > 
   > Ah, it is indeed. My apologies. I did not review the existing list of issues before filing this one.
   
   Yes, it is the same root issue:  This PR specifically addresses ioctls and the other only specifies read(), but I think it generalizes into any system call that receives a write-able pointer.
   
   There are several other Issues related to the PROTECTED mode that I have opened.  You can see that they are all tagged with the Security label.
   
   I have also taken some effort to obfuscate the stack content on some call backs from the OS -- signal handlers, atexit(), on_exit(), pthread_cleanup functions, pthread-specific data destructors, etc.  But that is incomplete and insufficient and also deserves to have a new Issue opened.
   
   Unlike Linux, there are not separate stacks for user logic and system functions so callbacks from the OS expose the entire stack and, since it is user-writable, is also a glaring security hole since a malicious app can modify the stack content before returning.
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org