Source-Changes archive


Re: CVS commit: src/usr.sbin/rtsold




On Jan 2, 2004, at 11:52 PM, Jun-ichiro itojun Hagino wrote:

        atexit() in NetBSD can be very unsafe at this moment - see
        http://www.openbsd.org/papers/pacsec03/e/index.html (page 12)
        so I don't like it being used.

Well, like it or not, many things use atexit(), and just because you think it might be "unsafe" is not a good reason to remove its use from a program. You haven't even eliminated all uses of atexit() from rtsold with this change.

Besides, it's not the atexit() function that's "dangerous" in this example, but rather the exit() function (or __cxa_finalize()).

That said, I think the example in that presentation is maybe just a little bit over-the-top. Countless programs use function pointers in structures that are writable. There are many other places that are writable in a program whence a PC value might be loaded. I honestly think the change suggested in this example is unnecessary ("basically free"? Except for the increased code footprint!)

        -- Jason R. Thorpe <thorpej%wasabisystems.com@localhost>



