Re: [Lit.] Buffer overruns

newstome_at_comcast.net
Date: 01/27/05


Date: Wed, 26 Jan 2005 21:39:20 -0600

In sci.crypt Walter Bushell <proto@panix.com> wrote:
> In article <-NudnZmFHfoTVWrcRVn-iQ@comcast.com>, newstome@comcast.net
> wrote:
>
>> In sci.crypt Bill Unruh <unruh@string.physics.ubc.ca> wrote:
>> > newstome@comcast.net writes:
>> >
>> >>In sci.crypt Ben Pfaff <blp@cs.stanford.edu> wrote:
>> >>> daw@taverner.cs.berkeley.edu (David Wagner) writes:
>> >>>
>> >>>> A string is a value; a buffer is what you store it in.
>> >>>
>> >>> Part of the confusion here might stem from disagreement on
>> >>> terms. Doug Gwyn is a C standards guy, so to him a "string" is,
>> >>> I imagine, exactly what the C standard says it is: (C99 7.7.1)
>> >>>
>> >>> 1 A string is a contiguous sequence of characters terminated by
>> >>> and including the first null character.
>> >>>
>> >>> Or perhaps not, but I think it's worth pointing out anyway.
>> >
>> >>I don't see how that changes anything. What is this "contiguous
>> >>sequence of characters terminated by and including the first null
>> >>character" stored in? A buffer, of course.
>>
>> > No. memory of some sort (Rom, ram, hard drive, cdrom,....). It may
>> > or may not be a buffer.
>>
>> Then you're using a different definition of "buffer" than most people.
>>
>> A "buffer", as used in "buffer overflow", is simply a block of
>> memory. Nothing more, nothing less. Strings are stored in blocks of
>> memory, i.e., buffers.
>>
>> Here's the definition from dictionary.com:
>>
>> 5. Computer Science. A device or area used to store data
>> temporarily.
>>
>> Any area of memory used to store data (string or otherwise) is a buffer.
>
> Even if the string that is being written to it is where the programmer
> expected to put code? Isn't "buffer" an intentionally defined term?

I'm afraid I can't figure out what you're trying to say here.

I'll take a guess: you mean a buffer is an intentionally allocated
block of memory to be used for a specific purpose. If so, then yes.
If a bad call to strcpy() results in a buffer overflow, then the
destination argument points to a buffer that the programmer intended
to be used for the string copy -- it's just that there wasn't space to
hold the entire string.

On the other hand, if the destination pointer is simply wrong
(pointing to the code segment for example -- is this what you were
trying to say above?), then that's not a buffer overflow problem. Not
sure what you'd call this, but it's an entirely different kind of
error.

-- 
That's News To Me!
newstome@comcast.net
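
The strcpy() case described in the post above, as an added example that is not part of the original thread: a copy that checks whether the string, counted with its terminating null as in the quoted C99 definition, fits in the destination buffer. The names `checked_copy`, `string_storage` and `copy_status` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum copy_status { COPY_OK = 0, COPY_TOO_LONG = 1, COPY_BAD_ARG = 2 };

/* Bytes a string occupies: its characters plus the terminating null. */
size_t string_storage(const char *s)
{
    return strlen(s) + 1;
}

/* Copy src into the buffer dst (dst_size bytes) only if the whole string,
 * terminator included, fits. On COPY_TOO_LONG dst is set to "".
 * Only a NULL pointer is detectable here: a non-NULL dst that points at
 * the wrong memory is the separate error the post distinguishes, and no
 * length check can catch it. */
enum copy_status checked_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return COPY_BAD_ARG;

    size_t need = string_storage(src);
    if (need > dst_size) {          /* strcpy() would write past the end */
        dst[0] = '\0';
        return COPY_TOO_LONG;
    }
    memcpy(dst, src, need);         /* copies the terminator as well */
    return COPY_OK;
}

int main(void)
{
    char buf[8];
    /* Constructed sample inputs; "8 chars!" has 8 characters, so it needs 9 bytes. */
    const char *samples[] = { "short", "7 chars", "8 chars!", "much too long" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        enum copy_status st = checked_copy(buf, sizeof buf, samples[i]);
        printf("%-14s needs %2zu bytes -> status %d\n",
               samples[i], string_storage(samples[i]), (int)st);
    }
    return 0;
}
```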

