Fuzzing and safety

A project log for Aligned Strings format

Developing a more flexible pointer and structure format that keeps some POSIX compatibility without the hassles

yann-guidon-ygdesYann Guidon / YGDES 03/22/2024 at 01:140 Comments

The aligned format is great, while it remains used inside a safe and controlled context.

It can get ugly though when an "aligned string" pointer is transmitted through an untrusted piece of code. This unsafe code could be prevented from dereferencing the string's value but this is not enough. If the pointer itself is modified, all kinds of problems arise.

Receiving a pointer to an aligned string from a dubious source can be less dangerous if the type is restricted. The type 2 (16-bit length) is the safest and it's easy to filter. The Type 3 creates indirect (de)references and the flexible types should be cast back to constant strings (it might not be possible to modify or reallocate the target anyway).

Use Type 2.