On Tue, Apr 08, 2014 at 15:09, Mike Small wrote: > nobody <[email protected]> writes: > >> "read overrun, so ASLR won't save you" > > What if malloc's "G" option were turned on? You know, assuming the > subset of the worlds' programs you use is good enough to run with that.
No. OpenSSL has exploit mitigation countermeasures to make sure it's exploitable.
