g*s
发帖数: 12 | 1 Here are two approaches to handling an input
file of arbitrary size:
A. Use a library or syscall that lets you determine the size
of the file. malloc a buffer to be that size. Then read
chars into the buffer until you hit EOF.
B. Malloc a buffer of a specific size. Read chars until
you hit that size, or EOF. If you fill the buffer,
use realloc to get a larger buffer.
From a security perspective, which is better? Why?
谢谢 | p***y
发帖数: 27 | 2 A is not good i think,
If the size of the file changes after you determine the size of it,
the surplus part may overwrite the memory portion after the buffer
you allocated. And that portion may be a piece of code, the return addr
of a function call, etc.
Someone may write malicious code or address to get control of the host.
【在 g*s 的大作中提到】
: Here are two approaches to handling an input
: file of arbitrary size:
: A. Use a library or syscall that lets you determine the size
: of the file. malloc a buffer to be that size. Then read
: chars into the buffer until you hit EOF.
: B. Malloc a buffer of a specific size. Read chars until
: you hit that size, or EOF. If you fill the buffer,
: use realloc to get a larger buffer.
: From a security perspective, which is better? Why?
: 谢谢
|
|
