From: Tracy R Reed <[EMAIL PROTECTED]>
Does qmail or any other "bug free codes" written by arrogant programmers
implement a binary search or merge sort? Any programs somehow use a sort in
some way that might affect security? I wonder if any fun can be had with
this... Of course you need to introduce a billion elements to be sorted so
it might be a bit hard to exploit but you never know!
http://googleresearch.blogspot.com/2006/06/extra-extra-read-all-about-it-nearly.html
He's wrong about the results of the bug- he says in C it overflows by going
to an invalid index via underflow. In C, you'd use an unsigned int (does
Java have this?) thus wouldn't go to a negative index (although it is still
a bug, it won't crash the app. It may infinite loop). IF a variable is
supposed to be a loop index, it should always be unsigned in any language.
Gabe
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
