Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: Swordmaker
...execution of any executable from the buffer...

Oops, make that "Execution of any executable from the stack."

4 posted on 06/20/2006 7:59:48 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!")
[ Post Reply | Private Reply | To 3 | View Replies ]

To: Swordmaker
Unlike Windows, OS X does not permit execution of any executable from the buffer... so the most it can do is to crash Excel on a Mac....Oops, make that "Execution of any executable from the stack."

I'm sorry, but that's not even remotely true - you can smash the stack on OS X with a buffer overflow, just as you can on just about any other OS. Here's one example of same:

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=239

Any OS written in any language that doesn't automate bounds checking at compile time or runtime, such as C/C++, is potentially vulnerable to this sort of thing. And that includes OS X - the only thing you can do is patch 'em as you find 'em, or rewrite the thing from the ground up in a language that is a bit more sensible about such things.

11 posted on 06/20/2006 10:25:04 PM PDT by Senator Bedfellow (If you're not sure, it was probably sarcasm.)
[ Post Reply | Private Reply | To 4 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson