473,326 Members | 2,732 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

Dangling pointers a new security threat?

sicarie
4,677 Expert Mod 4TB
I saw this on Slashdot and thought it was interesting. There's no released POC as far as I know, but i was curious. How do you guys find things like dangling pointers? (Blackbox testing, trusting the compiler, etc...?)
Jul 23 '07 #1
3 1790
JosAH
11,448 Expert 8TB
How do you guys find things like dangling pointers?
A programming error ...

kind regards,

Jos
Jul 23 '07 #2
sicarie
4,677 Expert Mod 4TB
A programming error ...

kind regards,

Jos
And everyone knows you don't make those kinds of errors ;).

The article says this was found in IIS 5.1(MS Security Bulletin Link), so it would seem that there are still types that aren't caught by compilers/IDEs...
Jul 23 '07 #3
JosAH
11,448 Expert 8TB
And everyone knows you don't make those kinds of errors ;).

The article says this was found in IIS 5.1(MS Security Bulletin Link), so it would seem that there are still types that aren't caught by compilers/IDEs...
Well, I try not to, but certainly compilers can't detect dangling pointers; IDEs
can just detect them during runtime. They can't do miracles no matter those
'wizards' nowadays.

kind regards,

Jos
Jul 23 '07 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

13
by: Aravind | last post by:
I would like to know in what manner dangling pointers affect the security of a application developed using C++.What are the loopholes that are created by dangling pointers and how they could be...
11
by: John | last post by:
Hi: Below is a simple code: class link1 { public: link1(); link1(int &b1, double &b2); int* a1;
20
by: __PPS__ | last post by:
Hello everybody in a quiz I had a question about dangling pointer: "What a dangling pointer is and the danger of using it" My answer was: "dangling pointer is a pointer that points to some...
116
by: Mike MacSween | last post by:
S**t for brains strikes again! Why did I do that? When I met the clients and at some point they vaguely asked whether eventually would it be possible to have some people who could read the data...
5
by: Richard | last post by:
My experience has always been that you're SOL when trying to safely detect and stop references to dangling memory (non-null pointers to free'ed blocks) at runtime (C99, Linux). Maybe somebody...
3
by: marcelo6 | last post by:
Hi, What is more secure ? Encrypt data using php functions before send it to database (mysql), or Encrypt directly on database, using encryption functions of database server ? Ex:
3
by: shivapadma | last post by:
1.when referenced pointer is not active then it is called dangling pointer. is this correct ? 2.the pointer which does not point to anything is called null pointer. is NULL macro is a...
1
by: vsrinivas | last post by:
what is dangling pointer ?And when it will occur in applications?
1
by: sridhard2406 | last post by:
Hi All, I have a doubt on undrestanding Dangling pointers.Below I mentioned sample code. please let me know, my view on Dangling pointers is correct or not? main( ) ...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.