Spec#, nullables and more
Bruno Medeiros
brunodomedeiros+spam at com.gmail
Mon Nov 29 08:49:20 PST 2010
On 26/11/2010 19:20, Daniel Gibson wrote:
>>
>> So, going back, is it correct to say that an NPE bug on its own is not
>> enough to allow arbitrary code execution, but that other
>> vulnerabilities are necessary?
>>
>
> I don't think it's correct: You may have a "bad" user on your system
> (e.g. pseudo-public server like in universities) who executes code that
> exploits the NPE bug and gains root/kernel privileges that way.
> You only need another vulnerability if there are no "bad users" on your
> system => the only way to execute bad code is via an exploit (e.g. in
> your webbrowser or one of its plugins etc)
You're still thinking in terms of compromising a machine. I didn't mean
specifically that, forget users and hosts, I was thinking of a more
general and simpler case which relates to a process only: can the input
to some program P cause arbitrary code execution, when it shouldn't?
Like, can an image file cause my image viewer to run arbitrary code, can
a zip file to the same for my zip extractor, etc.. (the same if the
program is a server process and the input comes across the network)
--
Bruno Medeiros - Software Engineer
More information about the Digitalmars-d
mailing list