So it turns out that libcrypto on i386 platforms, unconditionaly compiles this - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	miod <>	2014-04-22 21:52:21 +0000
committer	miod <>	2014-04-22 21:52:21 +0000
commit	b002b4227b7cd79c125d226d0039cae94c62609d (patch)
tree	da1742df8528640216f927a9907fe4e7c55bf9ec /src/lib/libc
parent	4e5c7a92843baa574477161a6a1b2df108ba3cde (diff)
download	openbsd-b002b4227b7cd79c125d226d0039cae94c62609d.tar.gz openbsd-b002b4227b7cd79c125d226d0039cae94c62609d.tar.bz2 openbsd-b002b4227b7cd79c125d226d0039cae94c62609d.zip

So it turns out that libcrypto on i386 platforms, unconditionaly compiles this

little gem called OPENSSL_indirect_call(), supposedly to be ``handy under Win32''. In my view, this is a free-win ROP entry point. Why try and return to libc when you can return to libcrypto with an easy to use interface? Better not give that much attack surface, and remove this undocumented entry point. ok beck@ tedu@

Diffstat (limited to 'src/lib/libc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: