From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78]) by yquem.inria.fr (Postfix) with ESMTP id 7975BBC8E for ; Thu, 17 Feb 2005 10:39:16 +0100 (CET) Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35]) by nez-perce.inria.fr (8.13.0/8.13.0) with ESMTP id j1H9dFTA029362 for ; Thu, 17 Feb 2005 10:39:15 +0100 Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id KAA16148 for ; Thu, 17 Feb 2005 10:39:15 +0100 (MET) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.177]) by nez-perce.inria.fr (8.13.0/8.13.0) with ESMTP id j1H9dFBY029358 for ; Thu, 17 Feb 2005 10:39:15 +0100 Received: from [212.227.126.160] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1D1i7l-00038y-00; Thu, 17 Feb 2005 10:39:05 +0100 Received: from [80.129.116.166] (helo=gate.lan.gerd-stolpmann.de) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 1D1i7k-0007Cd-00; Thu, 17 Feb 2005 10:39:05 +0100 Received: from mydomain.com (localhost [127.0.0.1]) by gate.lan.gerd-stolpmann.de (Postfix) with SMTP id 6FD37C052; Thu, 17 Feb 2005 10:39:04 +0100 (CET) Received: from 192.168.0.1 (proxying for 193.194.7.92) (SquirrelMail authenticated user gerd) by gps.dynxs.de with HTTP; Thu, 17 Feb 2005 10:39:04 +0100 (CET) Message-ID: <21947.192.168.0.1.1108633144.squirrel@gps.dynxs.de> Date: Thu, 17 Feb 2005 10:39:04 +0100 (CET) Subject: Re: [Caml-list] Safe marshall? From: "Gerd Stolpmann" To: In-Reply-To: <059442cb47f5e19bca230316a6ae6261@fas.harvard.edu> References: <059442cb47f5e19bca230316a6ae6261@fas.harvard.edu> Cc: X-Mailer: SquirrelMail (version 1.2.6) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:a6865a839c0178d9aa0ce41878507ea2 X-Miltered: at nez-perce with ID 42146643.001 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Miltered: at nez-perce with ID 42146643.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Spam: no; 0.00; caml-list:01 gerd:01 stolpmann:01 type-safe:01 marshaling:01 marshaled:01 computed:01 type-safe:01 marshaled:01 serializer:01 xml-rpc:01 serializer:01 gerd:01 stolpmann:01 viktoriastr:01 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on yquem.inria.fr X-Spam-Status: No, score=0.1 required=5.0 tests=FORGED_RCVD_HELO, RCVD_FAKE_HELO_DOTCOM autolearn=disabled version=3.0.2 X-Spam-Level: Mike Hamburg said: > Is there any way to call Marshall in a type-safe way? I need to use > marshaling for a networking program, and I'd rather not leave Marshal > as an arbitrary code execution vulnerability (which it is as far as I > can tell: switching on a Marshaled value should produce a computed > jump, which can be set by an attacker to point to an arbitrary place). > Am I stuck writing my own marshal function? Marshal is not type-safe, no chance. I see three options for you: - If it is a closed protocol, you can sign the marshaled values - You can use other serializers. A quite simple and fast serializer is th= e XDR encoder in my SunRPC implementation (see http://ocaml-programming.de/programming/rpc.html). Other options I know are BER (see ocamldap), XML-RPC, SOAP, and Ensemble. - Write the serializer yourself. Maybe this is an option for you if you need maximum performance. Gerd ------------------------------------------------------------ Gerd Stolpmann * Viktoriastr. 45 * 64293 Darmstadt * Germany gerd@gerd-stolpmann.de http://www.gerd-stolpmann.de ------------------------------------------------------------