Re: NSTask Leaking...
Re: NSTask Leaking...
- Subject: Re: NSTask Leaking...
- From: Jean-Daniel Dupas <email@hidden>
- Date: Fri, 30 Jan 2009 00:30:19 +0100
unsigned char digest[CC_MD5_DIGEST_LENGTH];
if (CC_MD5([fileData bytes], [fileData length], digest)) {
// md5 stored in digest.
} else {
// handle error
}
And if you file is to big to be hash at once, use whatever you want to
read it one by chunks.
char buffer[1024];
CC_MD5_CTX ctxt;
CC_MD5_Init(&ctxt);
while ((length = read(fd, buffer, 1024)) > 0) {
CC_MD5_Update(&ctxt, buffer, length);
}
CC_MD5_Final(digest, &ctxt);
You probably want better error checking but this is the main idea.
Le 29 janv. 09 à 23:06, Mr. Gecko a écrit :
but for an example, How would I implement it? is there any example
applications out there?
On Jan 29, 2009, at 3:35 PM, Jean-Daniel Dupas wrote:
Le 29 janv. 09 à 22:20, Jeremy Pereira a écrit :
On 29 Jan 2009, at 19:33, Mr. Gecko wrote:
I'm just going to use sscrypto framework for it...
If a malicious person can replace an executable with his own, he
can probably also replace a framework...
Why using a library when the libSystem provide hash functionality ?
/usr/include/CommonCrypto/CommonDigest.h
Regardless of any other problems, you've introduced a serious
weakness - a hacker just needs to temporarily change /sbin/md5
to a shell script that cats the expected output. For that
matter, they could easily edit the binary to change the string "/
sbin/md5" to another path that does the deed (to avoid having to
mess with sbin each time)
If you are trying to write secure code, don't execute external
binaries that you have no control over and expect it to be secure.
Glenn Andreas email@hidden
<http://www.gandreas.com/> wicked fun!
JSXObjC | the easy way to unite JavaScript and Objective C
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the
list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden