Hosting Provided By

Re: Administrivia: List Announcement

From: Wynn Fenwick <wynn.fenwick(at)cgi.com>
Date: Tue May 13 2003 - 16:43:56 EDT

Xeno nailed that one but here's something I wondered...

The program uses malloc() then iterates through each memory location, assuming that malloc() would give them a contiguous block of memory.

> for (i = 0; i <= SIZE && p1[i] != '\0'; i++)

I believe there is an (incorrect) assumption that the memory returned by malloc() on Win32 is contiguous, unlike some UNIX boxen? Is there a neato non-portability vulnerability created by iterating through the string elements this way? or is it only vulnerable if you do something like this:

  char* p;
  p = &buf1;
  while (*p != '\0') buf1[i++] = *p++;

Wow... I haven't written C in a long time... I hope I don't embarrass myself...

W Received on Tue May 13 18:32:28 2003

This message: [ Message body ]
Next message: Dana Epp: "Re: partial analysis of vulndev-1.c"
Previous message: Nexus: "Re: Administrivia: List Announcement"
In reply to Dave McKinney: "Administrivia: List Announcement"
Reply: Michael Wojcik: "RE: Administrivia: List Announcement"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:39 EDT

Do you need help?