On 7/27/17, petern <peter.nichvolo...@gmail.com> wrote: > > What prevents stack busting or other code injection attacks on an otherwise > valid pseudo-null pointer by simply decoding the address space and > observing where strcmp() loads a register to one of the pointer "keys" > you've insisted be conveniently published for hackers in the data segment? >
I do not understand what this sentence means. Can you explain it again in simpler terms? Refresh my memory please: What exactly (and succinctly) is your complain with the current sqlite3_bind_pointer(), sqlite3_result_pointer(), and sqlite3_value_pointer() design? Are there multiple complains? Can you enumerate them? Please be as specific as possible. -- D. Richard Hipp d...@sqlite.org _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users