| |||||||||||||
catdoc: denial of servicecatdoc: denial of servicePosted Nov 18, 2012 16:41 UTC (Sun) by dark (subscriber, #8483)In reply to: catdoc: denial of service by apoelstra Parent article: catdoc: denial of service Ah ok, thanks. I did some digging and it seems I had this the wrong way around: an integer zero does not have to be all bits zero (because the standard permits padding bits), but C99 explicitly guarantees that all bits zero is interpreted as integer zero. (6.2.6.2/5) The discussion about this that I remembered was about the language in C89 so I feel old now :) C89 has much less to say about padding bits but doesn't rule them out.
(Log in to post comments)
catdoc: denial of service Posted Nov 18, 2012 20:27 UTC (Sun) by apoelstra (subscriber, #75205) [Link]
> Ah ok, thanks. I did some digging and it seems I had this the wrong way around: an integer zero does not have to be all bits zero (because the standard permits padding bits), but C99 explicitly guarantees that all bits zero is interpreted as integer zero. (6.2.6.2/5)
Oh! I thought this was true in C89 also.
I wonder, though, when you pass 0 to memset -- are you passing "integer zero" or "all bits zero"? Maybe you are still okay even if nothing is actually all-bits-zero.
catdoc: denial of service Posted Nov 21, 2012 1:18 UTC (Wed) by gjmarter (subscriber, #5777) [Link]
Although I wasn't aware of the padding rule before, I think it is a safe bet that memset is doing "all bits zero". It is setting bytes even though you pass it an integer.
|
|||||||||||||