Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1998: Re: ncurses 4.1 security bug

Re: ncurses 4.1 security bug

Ben Laurie (benALGROUP.CO.UK)
Sun, 12 Jul 1998 11:51:29 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jim Dennis: "Re: socks5 1.0r5 buffer overflow.."
Previous message: Michael H. Warfield: "Re: Forwared to me"
Maybe in reply to: Duncan Simpson: "ncurses 4.1 security bug"

David Schwartz wrote:
>         How do you think the compiler would interpret the following:
>
> MyString Foo="test";
>
>         It would _have_ to call a constructor. There is no other way to make a
> 'MyString'. So your distinction is a distinction without a difference.

That's my point. MyString requires a call to a constructor. An int
doesn't. That's the difference.

>         No you cannnot know that _in_general_. The code 'int
> MyString::StringCount=0;' and the code 'MyString Foo="test"' are on an equal
> level -- both construct global objects and initialize them to sane states.
> So in general, you can't know which will occur first.

No, we know that 'int MyString::StringCount=0;' is done first, because
it needs no run-time initialisation.

Cheers,

Ben.

--
Ben Laurie            |Phone: +44 (181) 735 0686| Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org/
and Technical Director|Email: benalgroup.co.uk |
A.L. Digital Ltd,     |Apache-SSL author     http://www.apache-ssl.org/
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache/

WE'RE RECRUITING! http://www.aldigital.co.uk/recruit/

Next message: Jim Dennis: "Re: socks5 1.0r5 buffer overflow.."
Previous message: Michael H. Warfield: "Re: Forwared to me"
Maybe in reply to: Duncan Simpson: "ncurses 4.1 security bug"