Dailydave mailing list archives

Re: Dangling pointers exploitation

From: Matt <matt () use net>
Date: Wed, 25 Jul 2007 11:06:32 -0700 (PDT)

On Wed, 25 Jul 2007, Thomas Ptacek wrote:

Unitialized automatic variables and use-after-free variables seem
of-a-kind: you have a pointer who's value seems unpredictable but is
in fact strongly influenced by the execution environment which is in
turn often influenced by inputs and timing.


Right. It's almost as if going through the Purify and Insure++
documentation from 10+ years ago is a veritable gold-mine for new types
of exploitable bugs.


--
tangled strands of DNA explain the way that I behave.
http://www.clock.org/~matt
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Dangling pointers exploitation ergosum (Jul 24)
- Re: Dangling pointers exploitation Thomas Ptacek (Jul 25)
  - Re: Dangling pointers exploitation jf (Jul 25)
    - Re: Dangling pointers exploitation Thomas Ptacek (Jul 25)
    - Re: Dangling pointers exploitation jf (Jul 25)
    - Re: Dangling pointers exploitation Thomas Ptacek (Jul 25)
    - Re: Dangling pointers exploitation jf (Jul 25)
    - Re: Dangling pointers exploitation Pusscat (Jul 25)
    - Re: Dangling pointers exploitation Chris Rohlf (Jul 25)
    - Re: Dangling pointers exploitation Matt (Jul 25)
    - Re: Dangling pointers exploitation pageexec (Jul 25)
    - Re: Dangling pointers exploitation Thomas Ptacek (Jul 25)
    - Re: Dangling pointers exploitation pageexec (Jul 25)
    - Re: Dangling pointers exploitation Tyler Krpata (Jul 25)
- Re: Dangling pointers exploitation Alexander Sotirov (Jul 25)