|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Secure coding in C (was Re: Administrivia #4883)
Subject: Re: Secure coding in C (was Re: Administrivia #4883)
From: spin0ff (spin
MASSIVE.CH)
Date: Fri Jan 21 2000 - 12:32:47 CST
- Next message: Seth R Arnold: "Re: Generalized List of Threats and Vulnerabilities"
- Previous message: Oliver Friedrichs: "Re: Overflows due to unexpected casts"
- In reply to: Valery Dachev: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Next in thread: Valery Dachev: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Next in thread: Warner Losh: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Next in thread: Ken Williams: "Re: Administrivia #4883"
- Reply: spin0ff: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Reply: Valery Dachev: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 17 Jan 2000, Valery Dachev wrote:
> On Mon, 17 Jan 2000, Vladimir Dubrovin wrote:
>
> > Hello Valery Dachev,
> >
> > 17.01.00 12:25, you wrote: Secure coding in C (was Re: Administrivia #4883);
> >
> > V> Lucky you ! You have encountered the \0 symbol after your buffer and
> > V> before the end of the segment. Take a look at the situation where the \0
> > V> symbol is not there. Your program can explode with "Segmentation
> > V> fault" (or "Segmentation violation" in Windows). There's a simple example
> > V> in the attachment.
> > V> Bye.
> > Your example will fail regardless '\0' because there is no bounds
> > checking for array at all.
> This is what I want to demonstrate to Mr.spin0ff ;) This example shows
> that when no bound checking, accessing memory address can cause such
> errors ;)))
anyway, the question was not whether this will "work" or crash... my
question was "is it exploitable", and if so... how. the segfault problem
was obvious...
s0
- Next message: Seth R Arnold: "Re: Generalized List of Threats and Vulnerabilities"
- Previous message: Oliver Friedrichs: "Re: Overflows due to unexpected casts"
- In reply to: Valery Dachev: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Next in thread: Valery Dachev: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Next in thread: Warner Losh: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Next in thread: Ken Williams: "Re: Administrivia #4883"
- Reply: spin0ff: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Reply: Valery Dachev: "Re: Secure coding in C (was Re: Administrivia #4883)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Fri Jan 21 2000 - 23:24:23 CST