Thats not right ;) The programming language is the problem in this case. Why should i write my code with functions that shouldnt be used with C++? C++ works with the stdlib, which means streams. Not C stuff. So its finally up to Valve to write programs which follows C++ standards not C. You cant trust your users as programmer. Its up to us, to make the source safe, and if the projecttime needs 2 weeks more, you should spend the time.
Ronny Schedel schrieb: > The problem is not the programming language, the problem is that Valve trust > their game clients too much. > > > >> Well, >> >> Valve should start coding c++ with steams ;) >> Who works with printfs today? >> >> I hope Valve will fix the whole source to prevent overflows. >> C++ is you friend, not old C stuff... >> >> Best regards, >> Stefan Popp >> >> >> Claudio Beretta schrieb: >> >>> Thanks, anyone knows if a workaround is available? >>> >>> BTW: aren't "security researchers" supposed to contact the developers >>> before >>> releasing 0-day exploits?This is the 2nd 0-day exploy from aluigi in a >>> few >>> weeks -.- >>> >>> >>> On Tue, Aug 18, 2009 at 6:44 PM, Morgan Humes <[email protected]> >>> wrote: >>> >>> >>> >>>> A friend forwarded me this info regarding a vulnerability. I am unable >>>> to >>>> test this at the moment, but it does look like it is possible. Thought >>>> I >>>> would get this out to the community before others start using this to >>>> cause >>>> havoc. >>>> >>>> http://www.vupen.com/english/advisories/2009/2296 >>>> http://aluigi.altervista.org/adv/sourcefs-adv.txt >>>> >>>> Morgan Humes >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list archives, >>>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>> >>>> >>>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> >> > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
