summaryrefslogtreecommitdiff
path: root/usr.bin/rcs/diff.h
diff options
context:
space:
mode:
authorMiod Vallat <miod@cvs.openbsd.org>2014-04-22 21:52:22 +0000
committerMiod Vallat <miod@cvs.openbsd.org>2014-04-22 21:52:22 +0000
commitad63877b539cf31a63442eec6bac4f2732e403b8 (patch)
treec2c2c12cf6495cca89f6a6c37715be9cc35fcf9a /usr.bin/rcs/diff.h
parentf543ee8ad141bff0415726832d84ea7de9f82d11 (diff)
So it turns out that libcrypto on i386 platforms, unconditionaly compiles this
little gem called OPENSSL_indirect_call(), supposedly to be ``handy under Win32''. In my view, this is a free-win ROP entry point. Why try and return to libc when you can return to libcrypto with an easy to use interface? Better not give that much attack surface, and remove this undocumented entry point. ok beck@ tedu@
Diffstat (limited to 'usr.bin/rcs/diff.h')
0 files changed, 0 insertions, 0 deletions