From when I glanced at this paper I remember it relies on an unchecked
malloc return. We use new for allocations and if it fails for some
reason, it will throw. If the same code path exists in Gnash, will
abort the Gnash process with an unhandled exception, but there's no
exploit possible.
Bastiaan
On Mon, 21 Apr 2008, John Gilmore wrote:
We should make sure we aren't vulnerable to any of the sub-parts of
this attack.
_______________________________________________
Gnash-dev mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/gnash-dev
