Re: [Full-disclosure] Apple Safari 4 Beta feeds: URI NULL Pointer Dereference Denial of, Service Vulnerability



I'm didn't even comment on Mark's paper, it is definitely a great piece of
research, there is no doubt. It's just that some people have read this paper
and thought, wow, all those NULL bugs are now exploitable. It's important to
separate these bug classes.

sorry to interrupt your self-aggrandizing tirade, however you're the only
one who took the implication that *all* null ptr related bugs are
exploitable-- i never implied or said that, just said in some instances
they can be. Furthermore, I think you're taking the word 'dereference' a
little too serious and you should perhaps take up a hobby such as baseball
cards or miniature collectibles to quench you're apparent need to
sub-categorize into nothing. If you want to insist that null+x/etc bugs be
in an entirely separate category than dereferences, that's cool, just don't
go all ape-shit on people who dont share your same narrow view at
some feeble attempt at elitism via syntactic pedantry.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: End of hypocrisy ?
    ... Some reports are not bugs. ... a separate, parallel, volunteer-only distro. ... I'd still say there's time for debian to go for a course correction, ... which is volunteer only ...
    (Debian-User)
  • Re: [Full-disclosure] Apple Safari 4 Beta feeds: URI NULL Pointer Dereference Denial of, Service
    ... I don't think you understand what a NULL pointer dereference is. ... referencing NULL. ... *>* and thought, wow, all those NULL bugs are now exploitable. ... *>* separate these bug classes. ...
    (Full-Disclosure)
  • Re: Forth PARANOIA
    ... It should run on standard Forth-94 systems, with or without a separate ... FP stack. ... Please inform me of any bugs you happen to find. ...
    (comp.lang.forth)
  • Re: can we resurrect linux-firefox-1.5 ?
    ... Luigi Rizzo wrote: ... port (under a separate name) so at least people have a choice ... on which set of bugs they prefer? ...
    (freebsd-stable)
  • [PATCH 0/7] blktrace: various cleanups and fixes
    ... While trying to use blktrace in -tip tree, I encounted kernel NULL ... dereference, so I looked into the code, and then found some other ... bugs. ... This patchset is part 1, and I have some other pending fixes. ...
    (Linux-Kernel)