Protecting against kernel NULL-pointer derefs
Dag-Erling Smørgrav
des at des.no
Tue Sep 15 12:42:30 UTC 2009
Pieter de Boer <pieter at thedarkside.nl> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > Pieter de Boer <pieter at thedarkside.nl> writes:
> > > Given the amount of NULL-pointer dereference vulnerabilities in
> > > the FreeBSD kernel that have been discovered of late,
> > Specify "amount" and define "of late".
> 'amount' => 2, 'of late' is more figure of speech than anything
> else. For me, amount was high enough to get interested and 'of late'
> may be because I've not been looking long enough.
A search of FreeBSD security advisories shows two in the last four
years, plus the current unreleased issue. I agree that there is no
reason to allow applications to mmap() at address 0, but surely there
must be a better way to make your case than to sow FUD?
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list