For example, on a parameter pass and within a function call, was strcpy() being called vs strncpy() with len n check that produced the side effect? Or was it void * parameter that was cast incorrectly?
Thanks Jeremy!
Discussion on:
Message 2 of 1
It would have been interesting to have a read your code snippet with your comments on how the exploit (buffer overrun) succeeded.
For example, on a parameter pass and within a function call, was strcpy() being called vs strncpy() with len n check that produced the side effect? Or was it void * parameter that was cast incorrectly?
Thanks Jeremy!
For example, on a parameter pass and within a function call, was strcpy() being called vs strncpy() with len n check that produced the side effect? Or was it void * parameter that was cast incorrectly?
Thanks Jeremy!
IBM Sponsored Resources
Resources from our Sponsor
- Oracle Exadata vs IBM: Netezza Compared
- Forrester TEI Report
- CIA Whitepaper
- Harnessing the Power of Advanced Analytics
- Tapping into Unleashed Business Potential with Advanced Analytics
- Unlock Analytic Performance with Revolution R for Enterprise and IBM: Netezza Data Warehouse Appliance
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
