Re: Debug error--gdb could not unwind past...
Re: Debug error--gdb could not unwind past...
- Subject: Re: Debug error--gdb could not unwind past...
- From: Jens Alfke <email@hidden>
- Date: Mon, 19 Sep 2011 12:41:47 -0700
On Sep 19, 2011, at 11:20 AM, dct wrote: Thanks for the reply. But, in a way, it begs the issue of where to look and what to look for (& watch out for) in C/Obj-C code. My recent run-in suggests that passing faulty data to a function can do the trick. I assume that there are other ways too and it'd be nice to know if these are documented anywhere.
This is kind of a big topic, and by no means Mac-specific. C-level pointers are efficient but unsafe, especially when used as arrays, since C has no array bounds checking. I’m sure there’s a rich literature on stack corruption bugs, because these have been one of the main sources of security holes used to exploit apps. (The attacker passes bad data that triggers such a bug, which is crafted to overwrite local variables with specific values that cause the code to misbehave. Advanced techniques put machine code into the corrupt data, and overwrite the function return address to jump straight into that code, giving the attacker control of the process.) You might look at some texts on secure coding practices.
—Jens |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden