> dear carl
>
>
> >The more I think about it, the following is better.
> >No more buffer overflow problem.
>          ~~~~~~~~~~~~~~~~
>
> have heard lots about it in security bulletins ...
> what is a buffer over flow ? and how does it appear in code ?

A buffer is a block of memory designed to hold some data involved in
input or output. A buffer overflow is when you read more data into the
buffer than it can hold.

Example:

    char * readline(FILE *input)
    {
        char buffer[80];
        fscanf(input,"%[^\n]",buffer); /* Read in everything up to a newline */
        return strdup(buffer);
    }

This is a rather straightforward example: It declares a fixed-width
buffer (80 characters), then reads in an unbounded number of characters
into it. If it is asked to read a line longer than about 80 characters,
"buffer" will overflow.

This is a potential security problem because C doesn't do any array
bounds checking. fscanf will be happy to write over any memory near the
buffer once it gets past an 80 character line. In this case, that will
modify such things as return addresses, saved registers, etc., stored on
the same stack that the buffer was allocated on. That means that a
well-chosen long line could turn control of my program over to the
attacker instead of the legitimate user.

Hope this helps.

>
> cheers
> venu
>
>
>
> --
> Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
>

--
Buddha Buck [EMAIL PROTECTED]
"Just as the strength of the Internet is chaos, so the strength of our
liberty depends upon the chaos and cacophony of the unfettered speech
the First Amendment protects." -- A.L.A. v. U.S. Dept. of Justice
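
A bounded counterpart to the readline() in the reply above, as an added example that is not part of the original thread: it reads with fgets, which is told the remaining buffer size, and grows a heap buffer when a line does not fit, so a long line is never written past the allocation. The names readline_bounded and demo_line_length and the temp-file input are assumptions made for this illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added illustration: bounded counterpart of readline() above.
 * Returns a malloc'd line without its newline, or NULL on EOF/error. */
char *readline_bounded(FILE *input)
{
    size_t cap = 80, len = 0;
    char *line = malloc(cap);
    if (line == NULL) return NULL;
    /* fgets stores at most cap - len bytes, terminator included. */
    while (fgets(line + len, (int)(cap - len), input) != NULL) {
        len += strlen(line + len);
        if (len > 0 && line[len - 1] == '\n') {
            line[len - 1] = '\0';       /* complete line: strip newline */
            return line;
        }
        if (len + 1 < cap)              /* input ended without a newline */
            return line;
        if (cap > (size_t)INT_MAX / 2) { free(line); return NULL; }
        char *bigger = realloc(line, cap * 2);  /* full: grow, keep reading */
        if (bigger == NULL) { free(line); return NULL; }
        line = bigger;
        cap *= 2;
    }
    if (len > 0) return line;           /* data followed directly by EOF */
    free(line);
    return NULL;
}

/* Constructed input (hypothetical helper): n 'A' bytes plus a newline in
 * a temp file. Returns the length read back, (size_t)-1 on failure. */
size_t demo_line_length(size_t n)
{
    FILE *f = tmpfile();
    if (f == NULL) return (size_t)-1;
    for (size_t i = 0; i < n; i++) fputc('A', f);
    fputc('\n', f);
    rewind(f);
    char *line = readline_bounded(f);
    size_t got = line ? strlen(line) : (size_t)-1;
    free(line);
    fclose(f);
    return got;
}

int main(void) { printf("%zu\n", demo_line_length(300)); return 0; }
```

The caller owns the returned string and must free() it, as with the strdup() result in the original function.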