Bugtraq mailing list archives

Re: ActiveX Buffer Overruns

From: mikenel () IAPETUS COM (Michael Nelson)
Date: Wed, 6 Oct 1999 18:35:57 -0400


On Wed, 6 Oct 1999, Chris wrote:

Scuse me for butting in, but I have to say that this is only partially
correct.

YES, the com subsystem will marshall data sent to/from a 'remote' COM object
(be that a separate process on the same system, or a process on a remote
machine).

But NO, the com subsystem does NOT marshall data for an inproc server (i.e.
any COM object exposed as a .DLL, .OCX, or .whatever-Microsoft-calls-them-
today.


Clarification -- if the caller and the object are in different apartments
-- even within the same process -- marshaling occurs.

-mike

Current thread:

Re: ActiveX Buffer Overruns Aviram Jenik (Oct 03)
- <Possible follow-ups>
- Re: ActiveX Buffer Overruns Chris (Oct 06)
  - Re: ActiveX Buffer Overruns Michael Nelson (Oct 06)
  - StackGuarded Red Hat 5.2 Released Crispin Cowan (Oct 07)
- Re: ActiveX Buffer Overruns Todd Sabin (Oct 06)