On 15/08/2012 16:05, Rainer Stratmann wrote:
> Am Wednesday 15 August 2012 16:45:03 schrieb Lukasz Sokol:

>>> If the maintainers decide to build in the suggested function above then
>>> everything is solved. By now no one of the maintainers wants this.
>>
>> I can understand why, more or less - this could be a security flaw if you
>> can find the final procedure call address like that [and then inject/patch
>> it from outside, while the program is running - see what I mean?]
> 
> Please explain.
> I do not change the code. I am only searching some pointers.
> 
Well, yeah, _you_ don't. What if somebody else could create a program that
extracts private (unexported) function pointers from executables and is able
to redirect entire code paths? Oh wait, this is called executable infection
and a great deal of people actually _do_ that.

>> Sort of the reason why Linux doesn't export System.map any more...
(actually, they don't export syscalls table as r/w area, for the fear of
somebody patching it with their own entries, they do it as r/o instead).

>> And the sort of reason why (dx)gettext scans the _source_ not the binary.
> 
> If the pointers were provided natively then scanning the source (labour
> intensive) is no more necessary.

So you think maintaining your own disassembler is easier, more stable and
less maintenance than scanning the source? 

L.


_______________________________________________
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/mailman/listinfo/fpc-pascal
