Francois Labreque <fla### [at] videotron ca> wrote:
> > Orchid Win7 v1 <voi### [at] dev null> wrote:
> >> There appears to be plenty of software that incorrectly treats various
> >> size values as signed integers. (E.g., programs that malfunction on
> >> files larger than 2GB because they think the file size has become
> >> "negative".)
> >
> > Can you give me a scenario where that produces a buffer overflow?
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0894
That didn't really answer my question.
--
- Warp
Post a reply to this message
|