The project I work on needs the ability to do Unicode-savvy string collation,
which SQLite doesn’t provide. But we’re somewhat sensitive to code size, so we
don’t want to just drop in the hugeness that is ICU. We’ve looked at a couple
of other Unicode/UTF-8 libraries (like utf8rewind), and
On Thursday, 27 July, 2017 11:03, petern wrote:
>Richard. Were you aware of this paper?
>http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf
>Are you able to put two facts together?
>What prevents stack busting or other code injection attacks on an
> On Jul 27, 2017, at 10:02 AM, petern wrote:
>
> Are you able to put two facts together?
>
> What prevents stack busting or other code injection attacks on an otherwise
> valid pseudo-null pointer by simply decoding the address space and
> observing where strcmp()
The latest code in the "Prerelease snapshot"
(https://sqlite.org/download.html) and on the Draft website
(https://sqlite.org/draft/) contains a change in the new
pointer-passing API. An optional destructor function for the pointer
has been added to the sqlite3_bind_pointer() and
On 7/27/17, petern wrote:
>
> What prevents stack busting or other code injection attacks on an otherwise
> valid pseudo-null pointer by simply decoding the address space and
> observing where strcmp() loads a register to one of the pointer "keys"
> you've insisted be
Richard. Were you aware of this paper?
http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf
Are you able to put two facts together?
What prevents stack busting or other code injection attacks on an otherwise
valid pseudo-null pointer by simply decoding the address space and
observing
On 26 Jul 2017, at 1:15pm, Bubu Bubu wrote:
> Yeah, I took a closer look to my script today (fresh mind), and indeed
> there was a typo. I've been on it so closely yesterday that I couldn't see
> this huge error.
>
> I'm sorry, to all the mailing list, for such an useless
Hi Dan,
Yeah, I took a closer look to my script today (fresh mind), and indeed
there was a typo. I've been on it so closely yesterday that I couldn't see
this huge error.
I'm sorry, to all the mailing list, for such an useless post...
Anyway, thanks again Dan, have a nice day guys
2017-07-26
8 matches
Mail list logo