Re: errno in debug vs. release
Re: errno in debug vs. release
- Subject: Re: errno in debug vs. release
- From: Steve Checkoway <email@hidden>
- Date: Tue, 7 Feb 2006 18:17:58 -0800
On Feb 7, 2006, at 6:03 PM, John W Noerenberg II wrote:
At 1:21 PM -0800 2/7/06, Steve Checkoway wrote:
So with the release configuration free releases unallocated
memory and malloc clobbers the heap.
This is programmer error. You allocated 0 bytes and then tried to
write over it.
Actually, the point of this program was to illustrate a programmer
error. :-) Say you compute the size of a buffer to be allocated
based on some user input. If your program doesn't validate the
result of the operation, it could lead to memory allocation errors
which become vulnerabilities that could be exploited by a hacker.
Sure, I caught that that was the point of writing it that way. I
agree that all user input should be checked.
That's the motivation for why Sys V treats malloc(0) as an error
condition.
I don't think that is a requirement of the standard though.
- Steve
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden