Hi Seán,
you're absolutely right. That's the thing I missed I wasn't aware of the
fact that indexOf deals with ASCII format chars.
The fix seems to be absolutely ok. In any case, a smart solution to safe
operation calls!
Sorry for the confusion.
Regards,
Chris
On Friday 24 February 2012 1
hold on,
the indexOf test will match with those ASCII format chars.
i.e
"/.\56/.\56/.\56/etc/passwd".indexOf("..") returns 1.
Is the fix still ok then ?christopher.me...@rub.de
regards,
Sean
On 24/02/12 14:09, Seán Coffey wrote:
thanks for raising this point Chris.
we certainly don't want a
thanks for raising this point Chris.
we certainly don't want any windows for such an attack. I'll revisit this.
regards,
Sean.
On 24/02/12 13:31, Christopher Meyer wrote:
Hi,
please correct me if I'm wrong, but the Changeset 5052 in ZoneInfoFile could
maybe draw an unexpected SideChannel at Sy
