Bugtraq mailing list archives
Re: ActiveX Buffer Overruns
From: mlnn4 () OAKS COM AU (Chris)
Date: Wed, 6 Oct 1999 21:18:05 +1000
On Mon, 4 Oct 1999 07:52:53 +0200, Aviram Jenik wrote:
> Buffers passed to a COM object (or ActiveX control: it's the same thing) are marshaled by the COM subsystem [snip]
Scuse me for butting in, but I have to say that this is only partially correct. YES, the COM subsystem will marshal data sent to/from a 'remote' COM object (be that a separate process on the same system, or a process on a remote machine). But NO, the COM subsystem does NOT marshal data for an inproc server (i.e. any COM object exposed as a .DLL, .OCX, or .whatever-Microsoft-calls-them-today). If the object is loaded into the calling process's address space, then the method and property accesses are not marshalled.

As the majority of COM object accesses of the type we are talking about in -this- thread (that being, I understand, ActiveX or other COM objects embedded in a browser's rendition of a web page) are in fact inproc, then marshalling is not a factor that can be relied upon.

-- Chris
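The following is an added example, not part of Chris's message or of any real control: a portable C sketch of an in-proc method call, where the host reaches the method directly through the object's vtable and the method receives the caller's own pointer, so the method has to enforce its buffer size itself. `DemoControl`, `SetName`, the status codes and the 32-byte buffer are hypothetical stand-ins and do not use the real COM API.

```c
#include <stddef.h>
#include <string.h>

#define NAME_CAP 32          /* constructed size of the control's internal buffer */
#define DEMO_OK 0
#define DEMO_E_INVALIDARG 1  /* hypothetical status codes, not real HRESULTs */

typedef struct DemoControl DemoControl;
typedef struct {             /* stand-in for a COM vtable */
    int (*SetName)(DemoControl *self, const char *name);
} DemoControlVtbl;
struct DemoControl {
    const DemoControlVtbl *vtbl;
    char name[NAME_CAP];
};

/* Length of s, scanning at most max bytes; returns max if no terminator is found. */
static size_t bounded_len(const char *s, size_t max) {
    size_t i = 0;
    while (i < max && s[i] != '\0') i++;
    return i;
}

/* Reached directly through the vtable: `name` is the caller's own pointer,
 * so this method is the only place where the buffer size can be enforced. */
static int DemoControl_SetName(DemoControl *self, const char *name) {
    size_t len;
    if (self == NULL || name == NULL)
        return DEMO_E_INVALIDARG;
    len = bounded_len(name, NAME_CAP);
    if (len == NAME_CAP)                 /* would not fit with its terminator */
        return DEMO_E_INVALIDARG;
    memcpy(self->name, name, len + 1);   /* len + 1 <= NAME_CAP */
    return DEMO_OK;
}

static const DemoControlVtbl demo_vtbl = { DemoControl_SetName };
static void DemoControl_Init(DemoControl *c) {
    c->vtbl = &demo_vtbl;
    c->name[0] = '\0';
}

int main(void) {
    DemoControl c;
    DemoControl_Init(&c);
    return c.vtbl->SetName(&c, "clock"); /* 0 on success */
}
```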