Subject: Re: Performance of various memcpy()'s
To: Bang Jun-Young <junyoung@mogua.com>
From: TAMURA Kent <kent@netbsd.org>
List: tech-userlevel
Date: 10/29/2002 14:59:49
> There's no known way to exploit system by memcpy. If there is, why
> not _DIAGNOSTIC enabled by default?
An Apache exploit targetting BSDs used memcpy() in Apache.
memcpy() and memmove() can be used for exploits if some
conditions are met.
> Unless there's a better reason to have _DIAGNOSTIC there, I'm going to
> get rid of it.
I think it is ok because the current check hardly helps
practical users.
--
TAMURA Kent <kent2002@hauN.org> <kent@netbsd.org>