lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 7 Jun 2005 20:47:56 +0200
From: "Manu BenoƮt" <tseeker@...ternity.net>
To: bugtraq@...urityfocus.com
Subject: Re: AOL AIM Instant Messenger Buddy Icon "ateimg32.dll" DoS


> .text:12081BDB mov ebx, [esp+arg_C]
> .text:12081BDF test ebx, ebx
> .text:12081BE1 jbe short loc_12081C1A
> .text:12081C13 dec ebx
> .text:12081C14 mov ecx, esi
> .text:12081C16 jnz short loc_12081BED
> .text:12081C18 pop edi
> .text:12081C19 pop esi

Unless I'm mistaken, the second line sets the Zero Flag if ebx (the argument) 
is null then jumps after the end of the loop if the flag is set.

Which means that the count gets checked before entering the loop, and there 
shouldn't be any problem.


-- 
TSeeker <tseeker@...ternity.net>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ