Andrey Kolishak wrote: > >There is also article of Symeon Xenitellis "A New Avenue of Attack: >Event-driven system vulnerabilities" http://www.isg.rhul.ac.uk/~simos/event_demo/ > > > In fact, the problem is similar to U*ix signals, except that there is no jump-to-address argument for usual. Remember that old ping bug which allowed users to flood the network by sending SIGALRM in some old ping implementations. Maybe reading some manuals about safe signal handling would be a good lecture for Windows developers too:
http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/ Section 3.3 especially regards /ih
