351
edits
Changes
New section: Code example
Line 7:
Line 7:
That's the big singing bug? Some genius used strncmp instead of memcmp to compare binary data? ROFL. [[User:198.166.12.229|198.166.12.229]] 11:41, 27 March 2008 (PDT)
That's the big singing bug? Some genius used strncmp instead of memcmp to compare binary data? ROFL. [[User:198.166.12.229|198.166.12.229]] 11:41, 27 March 2008 (PDT)
: I'm afraid so. Also, they didn't bother checking any of the padding, either -- which would have at least made it much more difficult to exploit. [[User:Bushing|Bushing]] 14:00, 27 March 2008 (PDT)
: I'm afraid so. Also, they didn't bother checking any of the padding, either -- which would have at least made it much more difficult to exploit. [[User:Bushing|Bushing]] 14:00, 27 March 2008 (PDT)
+
+== Code example ==
+
+Well, I don't want to start a revert war against an admin. That's stupid. I preffer to keep my ban wars on IRC.
+
+I think that my example gets the point out, the point isn't to be exact in what the IOS code does, the point is to show an example of how this class of bugs looks like. While I can't deny the fact that bushing's code is much more real, it hides the point of the example code by being too big. It's a lot of cruff and largely a pain to figure out where the bug is. I think that clarity is better than realism here.--[[User:Henke37|henke37]] 13:29, 16 July 2008 (CEST)