The problem is that text is not necessarily simple. That's because it needs to encode an awful lot of different characters in an efficient way. Various schemes have been invented to do this, and the modern way is to use one of the standard encodings for Unicode – that's the international set of all characters used in every language on the planet. These encodings aren't that complicated, but they do have a lot of edge conditions waiting to entrap the unwary programmer.

Several interesting buffer overflow flaws in Notepad++ surfaced recently, which have just been fixed, and they illustrate this perfectly. In the case of Notepad++, an assumption was made as to the number of characters represented by a sequence of bytes encoded using one of the common Unicode methods. If the bytes were a valid encoding of some characters, everything was fine. But if the sequence was malformed, with "half a character" tagged on the end, the size calculation went wrong, the buffer allocated was too small to contain the characters, and a buffer overflow occurred, leading to remote code execution.
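The mismatch described above, as an added example written for this page (it is not Notepad++ code and does not reproduce its bug): a sizing pass that trusts every UTF-8 lead byte, a lenient decoder that emits one U+FFFD per undecodable byte, and a hardened decoder that validates every sequence and bounds-checks every write. The sample byte strings are constructed; the function names are this example's own. For input ending in "half a character" the trusting count and the lenient decoder disagree by one, which is exactly the gap an undersized buffer falls into, while the checked decoder refuses the input instead of guessing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample inputs (not taken from Notepad++ or the article):
 * SAMPLE_VALID     = "a", "é" (C3 A9), "€" (E2 82 AC)
 * SAMPLE_TRUNCATED = the same bytes with the last byte of "€" missing, so the
 *                    buffer ends with "half a character" (E2 82). */
static const unsigned char SAMPLE_VALID[]     = { 'a', 0xC3, 0xA9, 0xE2, 0x82, 0xAC };
static const unsigned char SAMPLE_TRUNCATED[] = { 'a', 0xC3, 0xA9, 0xE2, 0x82 };

/* Sequence length promised by a lead byte; 0 if it cannot start a sequence. */
static size_t utf8_seq_len(unsigned char lead)
{
    if (lead < 0x80) return 1;
    if (lead >= 0xC2 && lead <= 0xDF) return 2;   /* C0, C1 would be overlong */
    if (lead >= 0xE0 && lead <= 0xEF) return 3;
    if (lead >= 0xF0 && lead <= 0xF4) return 4;
    return 0;                                     /* continuation byte or invalid lead */
}

/* Sizing pass with the assumption the article describes: each lead byte is
 * trusted to be followed by its full sequence, so the loop steps past the end
 * of the buffer without noticing that bytes are missing. */
size_t utf8_count_trusting(const unsigned char *s, size_t n)
{
    size_t count = 0;
    for (size_t i = 0; i < n; count++) {
        size_t len = utf8_seq_len(s[i]);
        i += len ? len : 1;
    }
    return count;
}

/* Lenient decoder that emits U+FFFD for every byte it cannot decode (a design
 * choice of this example). Its output length can exceed the trusting count:
 * the truncated sample yields two replacement characters for E2 82, so an
 * output buffer sized by utf8_count_trusting() would be one element short.
 * Only the length is computed here; nothing is written. */
size_t utf8_decode_lenient_len(const unsigned char *s, size_t n)
{
    size_t out = 0, i = 0;
    while (i < n) {
        size_t len = utf8_seq_len(s[i]);
        int complete = len > 0 && i + len <= n;
        for (size_t k = 1; complete && k < len; k++)
            complete = (s[i + k] & 0xC0) == 0x80;
        i += complete ? len : 1;                  /* one U+FFFD per bad byte */
        out++;
    }
    return out;
}

/* Hardened decoder: checks that each sequence fits in the input, that every
 * continuation byte is in 80..BF, rejects overlong and surrogate forms, writes
 * only while there is room in `out`, and returns -1 on any malformed or
 * truncated input. Passing out == NULL performs the sizing pass with the very
 * same code that later writes, so count and writes cannot disagree. */
long utf8_decode_checked(const unsigned char *s, size_t n, uint32_t *out, size_t cap)
{
    size_t written = 0, i = 0;
    while (i < n) {
        size_t len = utf8_seq_len(s[i]);
        if (len == 0 || i + len > n) return -1;   /* invalid lead or "half a character" */
        if (len == 3 && ((s[i] == 0xE0 && s[i + 1] < 0xA0) || (s[i] == 0xED && s[i + 1] > 0x9F))) return -1;
        if (len == 4 && ((s[i] == 0xF0 && s[i + 1] < 0x90) || (s[i] == 0xF4 && s[i + 1] > 0x8F))) return -1;
        uint32_t cp = (len == 1) ? s[i]
                    : (len == 2) ? (s[i] & 0x1Fu)
                    : (len == 3) ? (s[i] & 0x0Fu) : (s[i] & 0x07u);
        for (size_t k = 1; k < len; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return -1;  /* not a continuation byte */
            cp = (cp << 6) | (s[i + k] & 0x3Fu);
        }
        if (out) {
            if (written >= cap) return -1;        /* never write past the buffer */
            out[written] = cp;
        }
        written++;
        i += len;
    }
    return (long)written;
}

int main(void)
{
    uint32_t buf[8];
    printf("valid:     trusting=%zu lenient=%zu checked=%ld\n",
           utf8_count_trusting(SAMPLE_VALID, sizeof SAMPLE_VALID),
           utf8_decode_lenient_len(SAMPLE_VALID, sizeof SAMPLE_VALID),
           utf8_decode_checked(SAMPLE_VALID, sizeof SAMPLE_VALID, buf, 8));
    printf("truncated: trusting=%zu lenient=%zu checked=%ld\n",
           utf8_count_trusting(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED),
           utf8_decode_lenient_len(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED),
           utf8_decode_checked(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED, buf, 8));
    return 0;
}
```

The defensive point is in the last function: the pass that decides how big the output buffer must be and the pass that fills it must be the same code path, every multi-byte sequence must be checked against the end of the input before its continuation bytes are read, and a malformed tail is an error to report, not a case to estimate.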