Re: Buffer overflow prevention

From: Miod Vallat (miod_at_online.fr)
Date: 08/14/03

  • Next message: H D Moore: "Re: MSBlast complete recode / analysis"
    Date: Thu, 14 Aug 2003 20:24:40 +0000
    To: bugtraq@securityfocus.com
    
    

    > ProPolice is not magical, though. There are plenty of cases where it is
    > totally inefficient. To illustrate a very common one :
    >
    [snip oflow of 5-byte buffer]

    This particular case ``works'' because, by design, propolice will not
    attempt to protect structures smaller than 16 bytes.

    This can be changed by a simple gcc recompilation... and it's probably
    worth doing.

    Miod


  • Next message: H D Moore: "Re: MSBlast complete recode / analysis"