Hey,
Since we are working with heaps, does it mean that smoke is not
vulnerable to buffer overflow attack? It's just that I read somewhere
that delphi progs can't be attacked this way because it allocates on
the heap too.
-- _________________________________________
I blog @ http://myxp.blogspot.com Also @ http://spaces.msn.com/members/tentod ------------------------------------------------------------------------
hmmm.. as far as I can understand stack and heap, the answer seems
to be a BIG YES. If not do enlighten me on this.
Ciao,
On 8/2/05, Anand kumar <a.anandku...@gmail.com> wrote:
> Hey,
> Since we are working with heaps, does it mean that smoke is not
> vulnerable to buffer overflow attack? It's just that I read somewhere
> that delphi progs can't be attacked this way because it allocates on
> the heap too.
> --
> _________________________________________
> I blog @ http://myxp.blogspot.com > Also @ http://spaces.msn.com/members/tentod > ------------------------------------------------------------------------
-- Balakrishnan Chandrasekaran
-------------------------------------------------
Balakrishnan.C at gmx dot de
Balakrishnan.C at gmail dot com
> hmmm.. as far as I can understand stack and heap, the answer seems
> to be a BIG YES. If not do enlighten me on this.
> Ciao,
> On 8/2/05, Anand kumar <a.anandku...@gmail.com> wrote:
> > Hey,
> > Since we are working with heaps, does it mean that smoke is not
> > vulnerable to buffer overflow attack? It's just that I read somewhere
> > that delphi progs can't be attacked this way because it allocates on
> > the heap too.
> > --
> > _________________________________________
> > I blog @ http://myxp.blogspot.com > > Also @ http://spaces.msn.com/members/tentod > > ------------------------------------------------------------------------
> --
> Balakrishnan Chandrasekaran
> -------------------------------------------------
> Balakrishnan.C at gmx dot de
> Balakrishnan.C at gmail dot com
> Every malloc call allocated on the heap - so every program is
> vulnerable in that way :-)
> Sriram
> On 8/2/05, Balakrishnan C <balakrishna...@gmail.com> wrote:
> > hmmm.. as far as I can understand stack and heap, the answer seems
> > to be a BIG YES. If not do enlighten me on this.
> > Ciao,
> > On 8/2/05, Anand kumar <a.anandku...@gmail.com> wrote:
> > > Hey,
> > > Since we are working with heaps, does it mean that smoke is not
> > > vulnerable to buffer overflow attack? It's just that I read somewhere
> > > that delphi progs can't be attacked this way because it allocates on
> > > the heap too.
> > > --
> > > _________________________________________
> > > I blog @ http://myxp.blogspot.com > > > Also @ http://spaces.msn.com/members/tentod > > > ------------------------------------------------------------------------
> > --
> > Balakrishnan Chandrasekaran
> > -------------------------------------------------
> > Balakrishnan.C at gmx dot de
> > Balakrishnan.C at gmail dot com
-- Balakrishnan Chandrasekaran
-------------------------------------------------
Balakrishnan.C at gmx dot de
Balakrishnan.C at gmail dot com
> On 8/2/05, Sriram Krishnan <srir...@gmail.com> wrote:
> > Every malloc call allocated on the heap - so every program is
> > vulnerable in that way :-)
> > Sriram
> > On 8/2/05, Balakrishnan C <balakrishna...@gmail.com> wrote:
> > > hmmm.. as far as I can understand stack and heap, the answer seems
> > > to be a BIG YES. If not do enlighten me on this.
> > > Ciao,
> > > On 8/2/05, Anand kumar <a.anandku...@gmail.com> wrote:
> > > > Hey,
> > > > Since we are working with heaps, does it mean that smoke is not
> > > > vulnerable to buffer overflow attack? It's just that I read somewhere
> > > > that delphi progs can't be attacked this way because it allocates on
> > > > the heap too.
> > > > --
> > > > _________________________________________
> > > > I blog @ http://myxp.blogspot.com > > > > Also @ http://spaces.msn.com/members/tentod > > > > ------------------------------------------------------------------------
> > > --
> > > Balakrishnan Chandrasekaran
> > > -------------------------------------------------
> > > Balakrishnan.C at gmx dot de
> > > Balakrishnan.C at gmail dot com
> --
> Balakrishnan Chandrasekaran
> -------------------------------------------------
> Balakrishnan.C at gmx dot de
> Balakrishnan.C at gmail dot com
Us doing memory stuff on the heap is no different from any other
program allocating memory.
If you're talking of code running on our VM, my guess is that we're
slightly more secure since heap overruns are more difficult to exploit
- you cant overwrite where the processor is going to jump to next
which is what you can do in a stack buffer overrun
Sriram
On 8/2/05, Balakrishnan C <balakrishna...@gmail.com> wrote:
> On 8/2/05, Sriram Krishnan <srir...@gmail.com> wrote:
> > Every malloc call allocated on the heap - so every program is
> > vulnerable in that way :-)
> > Sriram
> > On 8/2/05, Balakrishnan C <balakrishna...@gmail.com> wrote:
> > > hmmm.. as far as I can understand stack and heap, the answer seems
> > > to be a BIG YES. If not do enlighten me on this.
> > > Ciao,
> > > On 8/2/05, Anand kumar <a.anandku...@gmail.com> wrote:
> > > > Hey,
> > > > Since we are working with heaps, does it mean that smoke is not
> > > > vulnerable to buffer overflow attack? It's just that I read somewhere
> > > > that delphi progs can't be attacked this way because it allocates on
> > > > the heap too.
> > > > --
> > > > _________________________________________
> > > > I blog @ http://myxp.blogspot.com > > > > Also @ http://spaces.msn.com/members/tentod > > > > ------------------------------------------------------------------------
> > > --
> > > Balakrishnan Chandrasekaran
> > > -------------------------------------------------
> > > Balakrishnan.C at gmx dot de
> > > Balakrishnan.C at gmail dot com
> --
> Balakrishnan Chandrasekaran
> -------------------------------------------------
> Balakrishnan.C at gmx dot de
> Balakrishnan.C at gmail dot com
|
