Vulnerability Development mailing list archives
Re: Delphi and buffer overflows
From: "Alice Bryson" <abryson () bytefocus com>
Date: Wed, 12 Apr 2006 17:01:44 +0800
Decompile Delphi program is more harder than disasemble a VC program for me. I use DeDe to decompile Delphi, but sometimes Anti-DeDe function of Delphi program make DeDe not work. Does anyone has some experience about decompile Delphi program? 2006/4/9, André Gil <andregil () di fct unl pt>:
Well, actually stating that something is secure because is compiled with Delphi or whatever other compiler is used I think is a really dangerous. What about race conditions? What about stuff like if x < 10 then (and what will happen if x for some reason is under 0 and that was never thought off while developing and reviewing?). What about not using least privilege? Well I guess you get the point. Stating something like that is just weird and dangerous. André ----- Original Message ----- From: "Gadi Evron" <ge () linuxbox org> To: <Valdis.Kletnieks () vt edu> Cc: <Majid2k () SourceForge net>; <vuln-dev () securityfocus com> Sent: Wednesday, April 05, 2006 2:52 AM Subject: Re: Delphi and buffer overflowsValdis.Kletnieks () vt edu wrote:On Sat, 01 Apr 2006 12:46:06 GMT, Majid2k () SourceForge net said:All Programs compiled in Delphi are secureExplain. Do tell. How does a language manage to be Turing-complete and at the same time provably secure? (Hint - Turing-complete includes the possibility of a program infinite looping, so at the very least, there's the possibility of a loop causing a DoS attack....) Or did Delphi use some different definition of "secure"?Valdis, I tend to like Delphi and agree with the guy, but you are 100% correct. That is because [especially] in the world of security the following words should be banned: all, every, never, etc. I bet that if you put a backdoor into a program written in Delphi it will no longer be 100% secure, right? That may be a bit of immature nitpicking, but really..
-- http://www.lwang.org lwang.org provides online base64 encode and decode, crc32 md5 and sha1 hashing, online ciphers, encryption and decryption. We are engaged in adding more common use lookup service. We collect spam for research at abryson () bytefocus com
Current thread:
- Re: Delphi and buffer overflows Majid2k (Apr 03)
- Re: Delphi and buffer overflows Valdis . Kletnieks (Apr 04)
- Re: Delphi and buffer overflows Gadi Evron (Apr 08)
- Re: Delphi and buffer overflows André Gil (Apr 08)
- Re: Delphi and buffer overflows Alice Bryson (Apr 12)
- Re: Delphi and buffer overflows Nicolas RUFF (Apr 18)
- Re: Delphi and buffer overflows Alice Bryson (Apr 19)
- Re: Delphi and buffer overflows Gadi Evron (Apr 08)
- Re: Delphi and buffer overflows Valdis . Kletnieks (Apr 04)