manual memory management
Adam D. Ruppe
destructionator at gmail.com
Wed Jan 9 14:30:42 PST 2013
On Wednesday, 9 January 2013 at 21:13:35 UTC, H. S. Teoh wrote:
> Dereferencing null is also moot, because you'll just get an
> exception or a segfault, which is no help for a potential
> exploit.
BTW, not necessarily... this is a fairly unlikely situation,
granted, but imagine:

    struct Thing {
        ubyte[1024*1024] buffer;
        int a;
    }

    Thing* t = null;
    t.a = 10;

That'd turn into something like

    mov eax, 0                            ; the pointer value itself
    mov dword ptr [eax + 1024*1024], 10   ; add the offset of the field
                                          ; before doing the read/write...

which quite possibly does overwrite something exploitable.
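
The point of the post above, as an added example that is not part of the original message and is written in C rather than D: it audits field offsets against an assumed unmapped low-address region and shows the explicit null check that the large-offset field needs. `GUARD_BYTES`, `struct Small`, the `fields` table and the helper names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Same layout as the Thing struct in the post above. */
struct Thing { unsigned char buffer[1024 * 1024]; int a; };
struct Small { int x; int y; };          /* constructed contrast case */

/* Assumption: the lowest GUARD_BYTES of the address space are never mapped.
   65536 is an illustrative value, not taken from the post. */
#define GUARD_BYTES ((size_t)65536)

struct field { const char *name; size_t offset; size_t size; };

/* Constructed sample table of fields to audit. */
static const struct field fields[] = {
    { "Thing.buffer[0]", offsetof(struct Thing, buffer), 1 },
    { "Thing.a",         offsetof(struct Thing, a), sizeof(int) },
    { "Small.y",         offsetof(struct Small, y), sizeof(int) },
};
#define NFIELDS (sizeof fields / sizeof fields[0])

/* An access through a null base touches [offset, offset + size). It is only
   certain to fault when that whole range lies inside the unmapped region. */
int null_access_traps(const struct field *f, size_t guard) {
    return f->offset < guard && f->size <= guard - f->offset;
}

/* Number of fields for which the hardware fault cannot replace a null check. */
size_t count_unguarded(const struct field *fs, size_t n, size_t guard) {
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (!null_access_traps(&fs[i], guard)) bad++;
    return bad;
}

/* Hardened form of `t.a = 10`: test the pointer before the offset is added. */
int thing_set_a(struct Thing *t, int value) {
    if (t == NULL) return -1;
    t->a = value;
    return 0;
}

static struct Thing sample;              /* static: too large for the stack */

int main(void) {
    for (size_t i = 0; i < NFIELDS; i++)
        printf("%-16s offset %8zu  %s\n", fields[i].name, fields[i].offset,
               null_access_traps(&fields[i], GUARD_BYTES) ? "fault is enough" : "explicit null check needed");
    printf("null store -> %d, valid store -> %d\n", thing_set_a(NULL, 10), thing_set_a(&sample, 10));
    return 0;
}
```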