|
![](/i/fill.gif) |
> (I suppose that if you use a signed *long* in a 64-bit system where longs
> are 64-bit, then expanding a signed 32-bit int to such a signed 64-bit long
> will result in the wrong value. But was that the case here?)
>
While this one
(http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0894) didn't use
negative offsets, only out of bounds indexes that weren't checked by the
programmer.
This one, did use negative indexes:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0986
More details: http://cxsecurity.com/issue/WLB-2008030020
--
/*Francois Labreque*/#local a=x+y;#local b=x+a;#local c=a+b;#macro P(F//
/* flabreque */L)polygon{5,F,F+z,L+z,L,F pigment{rgb 9}}#end union
/* @ */{P(0,a)P(a,b)P(b,c)P(2*a,2*b)P(2*b,b+c)P(b+c,<2,3>)
/* gmail.com */}camera{orthographic location<6,1.25,-6>look_at a }
Post a reply to this message
|
![](/i/fill.gif) |