[clug] [OT] Null-terminated strings: expensive mistake or not

Sam Couter sam at couter.id.au
Thu Aug 4 03:51:23 MDT 2011


Hugh Fisher <hugh.fisher at anu.edu.au> wrote:
> Blame for buffer overruns can be pushed back to IBM and their
> decision with the 360 to go for a common address space with
> code and data intermingled rather than segmented and typed
> memory like the Burroughs 5/6XXX series. On a B6700 a string
> would just wipe out your local variables and then crash with
> the equivalent of SEGV instead of overwriting the return
> address.

Buffer overruns can cause more problems than just smashed stacks.
Overwriting local variables can still enable remote attacks, not to
mention all those annoying bugs and difficult-to-trace memory
corruption.
-- 
Sam Couter         |  mailto:sam at couter.id.au
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
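
The point in the reply above, as an added example that is not part of the original post: an overrun that never reaches a return address can still change program behaviour by corrupting a neighbouring local. The `struct frame` layout, the function names and the inputs are constructed for illustration; the locals are modelled as one struct so the layout is fixed and the demo runs deterministically.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of a function's locals: a name buffer followed by an
   authorization flag that the input is never supposed to influence. */
struct frame {
    char name[8];
    int  is_admin;
};

/* Unchecked copy: no bound on the destination, as with strcpy(). */
static int login_unchecked(const char *input, size_t len)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    if (len > sizeof f)              /* keep the demo inside the struct */
        len = sizeof f;
    memcpy((char *)&f, input, len);  /* can run past name[] into is_admin */
    return f.is_admin != 0;          /* 1 means "treated as admin" */
}

/* Checked copy: refuses input that does not fit with its terminator. */
static int login_checked(const char *input, size_t len)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    if (len >= sizeof f.name)
        return -1;                   /* too long: reject, do not truncate */
    memcpy(f.name, input, len);
    f.name[len] = '\0';
    return f.is_admin != 0;
}

int main(void)
{
    const char ok[]      = "alice";
    const char too_big[] = "AAAAAAAAAAAA"; /* constructed: 12 bytes, 4 past name[] */

    printf("unchecked: short=%d long=%d\n",
           login_unchecked(ok, strlen(ok)),
           login_unchecked(too_big, strlen(too_big)));
    printf("checked:   short=%d long=%d\n",
           login_checked(ok, strlen(ok)),
           login_checked(too_big, strlen(too_big)));
    return 0;
}
```

No control data is touched in the unchecked case, so segmented or typed memory that protects only return addresses would not stop the flag from flipping; the length check does.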