On 16-8-2012 10:57, Rainer Stratmann wrote: > Am Thursday 16 August 2012 10:16:04 schrieb Lukasz Sokol: >> On 15/08/2012 16:05, Rainer Stratmann wrote: >>> Am Wednesday 15 August 2012 16:45:03 schrieb Lukasz Sokol: >>>>> If the maintainers decide to build in the suggested function above then >>>>> everthing is solved. By now no one of the maintainers wants this. >>>> >>>> I can understand why, more or less - this could be a security flaw if >>>> you can find the final procedure call address like that [and then >>>> inject/patch it from outside, while the program is running - see what I >>>> mean?] >>> >>> Please explain. >>> I do not change the code. I am only searching some pointers. >> >> Well, yeah, _you_ don't. What if somebody else could create a program that >> extracts private (unexported) function pointers from executables and be >> able to redirect entire code paths. Oh wait. this is called executable >> infection and great deal of people actually _do_ that. > > I don't understand what you want to say here. > Am I responsible for things other people may do? Yes. Because your proposed changes open up avoidable security holes in the compiler, you are. (If I were you my counterargument would rather be that "obviously this functionality would be driven by a compiler switch that is off by default"...)
>> So you think maintaining your own disassembler is easier, more stable and >> less maintenance than scanning the source? > > Yes, of course. > It runs automatically no additional step is needed. ROFLMAO after reading this thread, especially Mark ML's post. _______________________________________________ fpc-pascal maillist - fpc-pascal@lists.freepascal.org http://lists.freepascal.org/mailman/listinfo/fpc-pascal