Robert Redelmeier wrote:
> Frank Kotler <spamtrap@[EMAIL PROTECTED]
> wrote in part:
>> Alexei A. Frounze wrote:
>>> I didn't try the latest NDISASM, but the 0.98.35
>> Still using Nasm with the buffer overflow? Why???
>
> Maybe 'cuz Alexei is smart enough to keep the buffer low?
> Mostly a matter of avoiding hostile (overlong) input.

True. I'm not aware of any existing "hostile" code (besides Jonathan
Rockway's demo of the problem). Alexei probably *looks* at code before
he attempts to assemble it (it would be pretty obvious, I think).
Still... if you've got a choice between a tool with a potentially
exploitable buffer overflow, and an otherwise all-around improved
version of the same tool without it, which would you choose?

Best,
Frank

