And, imagine, inside your app there would be any command to jump to position NNNN in memory and execute what is there, but since that memory position was written with data your program didn't expect, then you'll execute some code that shouldn't be there, and was loaded from your file. This could make you read (and write to memory) more bytes than your app expected. If it isn't done correctly, this could lead to execution of the bytes that are inside the file.įor example: if you have designed your app to load the whole file and show it, but somehow you have a variable inside your program that only holds 256 bytes. For example, reading the file and interpreting it's values. Then think about of processing the file, somehow, instead of just showing the contents. txt file: if you open it with an hex viewer, or with a well-designed textpad editor, it should only display the file content, and ok. There must be some security hole in the application.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |