Vulnerability Development mailing list archives
Re: Possible Communicator 4.76 issue
From: Nick <nwp () REDSHIFT LEMON-COMPUTING COM>
Date: Thu, 15 Mar 2001 12:49:26 +0000
On Wed, Mar 14, 2001 at 08:41:24AM -0800, c0ncept wrote:
Derefferencing a NULL pointer would be a code quality bug IMHO. The only security implications would be a possible Denial of Service in a server program.
A potentially dangerous assumption to make; it depends how the pointer came to be null, and what it's used for afterwards. For example, if it's null because it's been overwritten with something which just happened to make it that way, but which could if manipulated cause it to point at something completely different, it could be dangerous. Or if whatever overwrote the pointer had the potential to overwrite a load of other stuff too... Then again, it could just be dodgy logic in the program. Until you've looked, you just can't say. You're just not being adequately paranoid ;) Cheers, Nick -- Nick Phillips -- nwp () lemon-computing com Don't feed the bats tonight.
Current thread:
- Re: Possible Communicator 4.76 issue, (continued)
- Re: Possible Communicator 4.76 issue joel west (Mar 14)
- Re: Possible Communicator 4.76 issue Dino Amato (Mar 14)
- Re: Possible Communicator 4.76 issue Mike Fedyk (Mar 14)
- Re: Possible Communicator 4.76 issue Andreas 'Count' Kotes (Mar 14)
- Re: Possible Communicator 4.76 issue Blue Boar (Mar 14)
- Re: Possible Communicator 4.76 issue John Galt (Mar 14)
- Re: Possible Communicator 4.76 issue John Oliver (Mar 14)
- Re: Possible Communicator 4.76 issue steve clement (Mar 14)
- Re: Possible Communicator 4.76 issue Su Wadlow (Mar 14)
- Re: Possible Communicator 4.76 issue c0ncept (Mar 14)
- Re: Possible Communicator 4.76 issue Nick (Mar 15)
- Re: Possible Communicator 4.76 issue c0ncept (Mar 14)
- Re: Possible Communicator 4.76 issue Daniel McCranie (Mar 14)
- Re: Possible Communicator 4.76 issue Ewout Meij (Mar 14)
- Re: Possible Communicator 4.76 issue Christian Adams (Mar 14)
- Re: Possible Communicator 4.76 issue Benjamin Morin (Mar 14)
- Re: Possible Communicator 4.76 issue Alexandre Hautequest (Mar 14)
- Re: Possible Communicator 4.76 issue Ewout Meij (Mar 14)
- Re: Possible Communicator 4.76 issue Lee Schexnaider (Mar 14)
- Re: Possible Communicator 4.76 issue Chris Higgins (Mar 14)
- Fwd: Re: Possible Communicator 4.76 issue Gary J. Harris (Mar 14)
- Re: Possible Communicator 4.76 issue Sean Birkholz (Mar 14)