Monday, July 23, 2007

WTF... dangling pointer exploits?!

This article points to a potential technique for exploiting dangling pointers?

I have no idea how they can get something usefull from a dangling pointer... any ideas?
at
Labels: ,

2 comments:

luijo said...

Hell, I don't even know what a dangling pointer is.. :|

Para los programadores curiosos, Dangling Pointers..

11:03 AM
Rodolfo Hansen said...

Object *p = (Object *) malloc (sizeof(Object));

work_on_p(p);

free(p);

work_more_p(p);

In essence, p still points to what was once a valid Object, still that memory was freed and what p points to is no longer guaranteed...

after the free(); p should be assigned to NULL...

Still how the hell they manage to get their own data into p I have Nooooo idea...

2:42 PM

Post a Comment

Subscribe to: Post Comments (Atom)

Ráptame

Ven, escápate conmigo! Por hoy, llévame donde quieras; pero hoy; regalame tu día Invitame a tus antojos Brindame tu sonrisa y Mírame a ...

  • The Venus Project
    Watch live video from Zeitgeist-TV on Justin.tv It took me a long time to view the Zeitgeist videos , the first one, is a sensationalist ...
  • Heart Broken
    I remember telling someone, on her porch one afternoon: "That's because you have never really had your heart broken, and I will do ...