Browse thread
Safe marshall?
[
Home
]
[ Index:
by date
|
by threads
]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
| Date: | 2005-02-16 (22:55) |
| From: | Oliver Bandel <oliver@f...> |
| Subject: | Re: [Caml-list] Safe marshall? |
On Wed, Feb 16, 2005 at 05:07:55PM -0500, Mike Hamburg wrote: > Is there any way to call Marshall in a type-safe way? I need to use > marshaling for a networking program, and I'd rather not leave Marshal > as an arbitrary code execution vulnerability (which it is as far as I > can tell: switching on a Marshaled value should produce a computed > jump, which can be set by an attacker to point to an arbitrary place). > Am I stuck writing my own marshal function? Is it possible to say a C-function *anything* about a datastructure's structure? Via the C-interface of OCaml?! If so.... at least under Mac OS-X it should be possible to solve that task with Objective-C. It can dump objects completely. So this - at least on this platform - would be possible then. But IMHO this may not be possible with all Objective-C implementations. Ciao, Oliver