[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Layering an IDS on Linux - prepwork



Steve G napsal(a):
>> abort() is the traditional way to abort a program when an assertion
>> fails (developers might need the core file in that case),
> Which is ok in the debug case. For a production webserver its a different story.
Even in production code it is useful to abort() in "can't happen"
branches.  The cost of the additional code is negligible.

>> and SIGABRT terminations are very unlikely to be caused by buffer overflows and
>> similar attacks.
> Turns out that is the way that glibc stops programs when FORTIFY_SOURCE sees a
> runtime error.  :)  So, it could signal a real attack.
True, I have completely forgotten about this.

>> Changing all software to use some other mechanism to report assertion
>> failure is completely impractical (even the POSIX standard requires
>> assert() to call abort() on failures); besides, what alternative
>> mechanism is available?
> I think assert is only valid when NDEBUG is defined. So, there is a way for it to
> be used for debugging apps which is legit. And it magically disappears when
> compiled for production use.
It's the other way around: assert()s are checked unless NDEBUG is defined.
	Mirek


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]