Spec#, nullables and more

Bruno Medeiros brunodomedeiros+spam at com.gmail
Mon Nov 29 08:49:20 PST 2010


On 26/11/2010 19:20, Daniel Gibson wrote:
>>
>> So, going back, is it correct to say that an NPE bug on its own is not
>> enough to allow arbitrary code execution, but that other
>> vulnerabilities are necessary?
>>
>
> I don't think it's correct: You may have a "bad" user on your system
> (e.g. pseudo-public server like in universities) who executes code that
> exploits the NPE bug and gains root/kernel privileges that way.
> You only need another vulnerability if there are no "bad users" on your
> system => the only way to execute bad code is via an exploit (e.g. in
> your web browser or one of its plugins, etc.)

You're still thinking in terms of compromising a machine. I didn't mean 
specifically that, forget users and hosts, I was thinking of a more 
general and simpler case which relates to a process only: can the input 
to some program P cause arbitrary code execution, when it shouldn't? 
Like, can an image file cause my image viewer to run arbitrary code, can 
a zip file do the same for my zip extractor, etc. (the same if the 
program is a server process and the input comes across the network).


-- 
Bruno Medeiros - Software Engineer

