Am Thursday 16 August 2012 10:16:04 schrieb Lukasz Sokol: > On 15/08/2012 16:05, Rainer Stratmann wrote: > > Am Wednesday 15 August 2012 16:45:03 schrieb Lukasz Sokol: > >>> If the maintainers decide to build in the suggested function above then > >>> everthing is solved. By now no one of the maintainers wants this. > >> > >> I can understand why, more or less - this could be a security flaw if > >> you can find the final procedure call address like that [and then > >> inject/patch it from outside, while the program is running - see what I > >> mean?] > > > > Please explain. > > I do not change the code. I am only searching some pointers. > > Well, yeah, _you_ don't. What if somebody else could create a program that > extracts private (unexported) function pointers from executables and be > able to redirect entire code paths. Oh wait. this is called executable > infection and great deal of people actually _do_ that.
I don't understand what you want to say here. Am I responsible for things other people may do? > >> Sort of the reason why Linux doesn't export System.map any more... > > (actually, they don't export syscalls table as r/w area, for the fear of > somebody patching it with their own entries, they do it as r/o instead). > > >> And the sort of reason why (dx)gettext scans the _source_ not the > >> binary. > > > > If the pointers were provided natively then scaning the source (labour > > intensive) is no more necessary. > > So you think maintaining your own disassembler is easier, more stable and > less maintenance than scanning the source? Yes, of course. It runs automatically no additional step is needed. _______________________________________________ fpc-pascal maillist - fpc-pascal@lists.freepascal.org http://lists.freepascal.org/mailman/listinfo/fpc-pascal