Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
Possible awk overflow
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Possible awk overflow

Hybrid View

  1. #1

    Possible awk overflow

    There has been some buzz on vuln-dev over a possible buffer overflow in the current and past releases of awk. You can get some information on it from http://www.gnulinux.net or vuln-dev mailing list archives.

  2. #2

    Re: Possible awk overflow

    at first zlib and now awk .. I hope the overflows will end now .. :-/

  3. #3

    Re: Possible awk overflow


    at first zlib and now awk .. I hope the overflows will end now .. :-/
    Actually it's a good thing that they have been found. Usually when something like this is found it means that there has allready been people exploiting it for some time. Luckily, OSS allows white hats to find the bugs just as fast as black hats allowing for quick disclousre and patching.

  4. #4

    Re: Possible awk overflow

    yep thats the good side of OSS, but the best thing is if there were no such bugs, but thats not really possible I think.

  5. #5

    Re: Possible awk overflow

    Yeah, to make bugless software you mus be perfect. No one is perfect, and so no code is perfect ... though Bill might tell ya diffrent .

  6. #6
    Guest

    Re: Possible awk overflow

    at first zlib and now awk .. I hope the overflows will end now .. *:-/
    Why do you think I sawy that user applications should be coded in more secure languages? *I say that from now on, we all write in Ada! I mean, seriously, why bother writing something in C, just to see it mentionned on bugtraq? I mean, come on people, stop thinking that the only way to program is with either C or C++ and start learning languages with safer mecanisms.

  7. #7

    Re: Possible awk overflow

    imho there are more advantages if you code it in C its some kind of standard, easy to read ... sure sometimes you will get exploits but i dont think that it is possible to make no errors in programming or to prevent exploits and overflows ..
    I dont know Ada, can you show me some example syntax ..

  8. #8
    Guest

    Re: Possible awk overflow

    imho there are more advantages if you code it in C its some kind of standard, easy to read ... sure sometimes you will get exploits but i dont think that it is possible to make no errors in programming or to prevent exploits and overflows ..
    I've heard it a lot of time, but I simply don't buy it anymore. *I mean, even the OpenBSD group who keep auditing the source code of the entire OS find bugs all the time, and they are computer security experts, so give me a break that it's possible to make no errors.

    I dont know Ada, can you show me some example syntax ..
    Code:
    with Ada.Text_IO;
    use Ada.Text_IO;
    
    procedure helloworld is
    begin
     *Put_Line ("Hello World");
    end helloworld;
    Very verbose and very secure.

  9. #9

    Re: Possible awk overflow

    yep .. very verbose and looks secure to me, but people make errors, i dont think that you could write such a large os like linux or just the kernel without making errors, it is even harder to archive if there are over 300 people working on it, everyone has a different coding style and errors just happen ..

  10. #10
    Guest

    Re: Possible awk overflow

    So what if you can't write an OS with it? We're talking about awk, and awk is a utility. C isn't bad at all for system programming (I mean, what kind of a choice is this: C, Assembly or Forth...). But for user applications, it's not the best language. It was not designed with that purpose in mind. Dennis Ritchie wrote it so that he and Ken Thompson could rewrite Unix. That's why I say that when it comes to user applications, higher level programming languages (Python, Ada, Perl, etc) are better suited.

    Quoth the FoBoT: Use the right too for the right job.

    And many people seem to agree with that saying, but not many seem to apply it.

Similar Threads

  1. Netgear WG602v4 router buffer overflow
    By Kernel_Killer in forum Security
    Replies: 0
    Last Post: 06-02-2010, 04:28 PM
  2. neighbour table overflow
    By chippy in forum Linux - Software, Applications & Programming
    Replies: 4
    Last Post: 05-08-2002, 03:49 PM
  3. ./bin/login buffer overflow - not linux
    By civ1492 in forum Linux - Software, Applications & Programming
    Replies: 4
    Last Post: 01-22-2002, 11:14 AM
  4. HPIIISi mem overflow errors
    By Mip in forum Linux - General Topics
    Replies: 7
    Last Post: 12-10-2001, 02:32 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •