On 2018-Jan-10 16:46:01 +0530, Sujit K M <[email protected]> wrote: >>From my understanding what is happening is that an array overflow is >>happening. >Can't it be handled more generically.
The array overflow in the example code is solely a convenient mechanism to make C reference an arbitrary virtual address. An attacker could import code from another system so it's not possible to mitigate the vulnerability by (eg) implementing bounds checking in a compiler. -- Peter Jeremy
signature.asc
Description: PGP signature
