Wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] rev 25171: /trunk/epan/dissectors/ /trun
From: "Luis EG Ontanon" <[email protected]>
Date: Sat, 26 Apr 2008 01:49:57 +0200
On Fri, Apr 25, 2008 at 10:17 PM, Jeff Morriss
<[email protected]> wrote:
>  Guy Harris wrote:
>  >       http://www.cs.berkeley.edu/~wychen/cs261/proposal.htm
>
>  If Figure 1 is really a problem then my understanding of C just went out
>  the window...



I wouldn't have got this by myself without the explanation, but if you
read the code as:

typedef unsigned short uid_t;

void dowork(uid_t u);
int main() {
    int x = read_from_network();
    // Squish root (it's not safe to execute dowork() with uid 0)
    if ( (x & 0x0000ffff) == 0) exit(1);
    //       ^^^^^^^^^^^^^
    dowork(x);
}

you would have noticed the issue.



-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
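
Added example, not part of the original message or the linked proposal: the implicit int-to-16-bit conversion at the dowork(x) call, run over constructed inputs against three checks. The names short_uid, dowork_stub, call_with and the *_check_passes helpers are hypothetical; the full-width comparison and the range check are assumptions added for contrast, and a 16-bit unsigned short is assumed.

```c
#include <limits.h>
#include <stdio.h>

/* Same width as the uid_t typedef in the message; renamed (hypothetical)
   so it cannot clash with the system's own uid_t. Assumes 16-bit short. */
typedef unsigned short short_uid;

/* Stand-in for dowork(): returns the uid the callee actually receives. */
static short_uid dowork_stub(short_uid u) { return u; }

/* Mirrors dowork(x): the int argument is implicitly converted to 16 bits. */
static short_uid call_with(int x) { return dowork_stub(x); }

/* Full-width comparison (assumed form, for contrast): looks at every bit
   of x, including the high bits that the conversion later discards. */
static int full_width_check_passes(int x) { return x != 0; }

/* The check as written in the message: looks only at the bits that
   survive the conversion to a 16-bit uid. */
static int masked_check_passes(int x) { return (x & 0x0000ffff) != 0; }

/* Stricter variant (an assumption, not from the message): reject values
   the 16-bit type cannot represent instead of letting them wrap. */
static int range_check_passes(int x) { return x > 0 && x <= USHRT_MAX; }

int main(void) {
    /* Constructed inputs: plain zero, an ordinary uid, and values whose
       high bits vanish when narrowed to 16 bits. */
    const int samples[] = { 0, 1000, 0x10000, 0x10000 + 1000, -65536 };
    size_t i;

    printf("%12s %8s %6s %6s %6s\n", "x", "uid", "full", "mask", "range");
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int x = samples[i];
        printf("%12d %8u %6d %6d %6d\n", x, (unsigned)call_with(x),
               full_width_check_passes(x), masked_check_passes(x),
               range_check_passes(x));
    }
    return 0;
}
```

Rows where a check column is 1 and the uid column is 0 are inputs that check lets through even though the callee ends up with uid 0.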