Evan Martin (evan) wrote in evan_tech,
Evan Martin
evan
evan_tech

(feh, messed this up once.
and somehow i don't actually own this community? so i made it friends-only and now i can't get the post back?)

Spot the security hole (from conjecture):
struct header {
    int cmd, id, len;
};

[...]

struct header hdr;
char buf[1024], ubuf[1024];
if(read(sock, &hdr, sizeof(hdr)) != sizeof(hdr))
    exit(-1);
if(hdr.len < sizeof(hdr) || hdr.len > 1024)
    exit(-1);
read(sock, buf, hdr.len);
buf[1023] = 0;
snprintf(ubuf, sizeof(ubuf), "command was %s", buf);
Subscribe

  • gmail greasemonkey

    The new version of Gmail has explicit support for Greasemonkey.

  • better arabic transliteration

    Web-based Arabic Transliteration, now available as a bookmarklet. Clicking the bookmarklet gives me a hotkey to switch between English and العربية,…

  • rad javascript hack: triangles

    " This is demonstration of rendering arbitrary triangles (relatively fast) with javascript/DOM/css (no images, flash, canvas tags or java applets)."…

  • Post a new comment

    Error

    default userpic
    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 17 comments

  • gmail greasemonkey

    The new version of Gmail has explicit support for Greasemonkey.

  • better arabic transliteration

    Web-based Arabic Transliteration, now available as a bookmarklet. Clicking the bookmarklet gives me a hotkey to switch between English and العربية,…

  • rad javascript hack: triangles

    " This is demonstration of rendering arbitrary triangles (relatively fast) with javascript/DOM/css (no images, flash, canvas tags or java applets)."…