[DUG] Security/Buffer overflows
David Brennan
dugdavid at dbsolutions.co.nz
Thu Jan 11 10:12:52 NZDT 2007
I think the point is that it should be 0 to 99, not 100 (let alone 101).
;-)
_____
From: delphi-bounces at ns3.123.co.nz [mailto:delphi-bounces at ns3.123.co.nz] On
Behalf Of Phil Middlemiss
Sent: Thursday, 11 January 2007 8:50 a.m.
To: NZ Borland Developers Group - Delphi List
Subject: Re: [DUG] Security/Buffer overflows
Well of course the flaw was left in there on purpose. That was the whole
point of the code! To show how it can happen.
I thought the comment at the end of the line made that obvious.
David Brennan wrote:
Hehe... I thought that too... ;-)
-----Original Message-----
From: delphi-bounces at ns3.123.co.nz [mailto:delphi-bounces at ns3.123.co.nz] On
Behalf Of Ben Taylor
Sent: Wednesday, 10 January 2007 2:14 p.m.
To: NZ Borland Developers Group - Delphi List
Subject: Re: [DUG] Security/Buffer overflows
getMemory(buffer, 100 * SizeOf(Integer));
for i := 0 to 101 do // woops! should be 100, not 101. Bufferoverflow!
i assume you left the obvious flaw there as an indication of how easy it is
to mess
this up? :-)
there is no way to guard against this except careful programming
andtesting.
well.. there is.. i can go into a deeper discussion/example here if anyone
is
interested..
Send instant messages to your online friends http://au.messenger.yahoo.com
_______________________________________________
Delphi mailing list
Delphi at ns3.123.co.nz
http://ns3.123.co.nz/mailman/listinfo/delphi
_______________________________________________
Delphi mailing list
Delphi at ns3.123.co.nz
http://ns3.123.co.nz/mailman/listinfo/delphi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ns3.123.co.nz/pipermail/delphi/attachments/20070111/4c2bb7fb/attachment-0001.html
More information about the Delphi
mailing list