| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200505091843.j49Ihm0l022963@turing-police.cc.vt.edu> Date: Mon May 9 19:43:56 2005 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: PWCK Overflow POC Code Redhat/Suse older versions or something (maybe later too) On Mon, 09 May 2005 11:22:46 PDT, Day Jay said: > I never "claimed" to be a master at c coding or being > the greatest like this guy did and he *still* > hardcoded his shit and he's probably still mad. No, hardcoded would be if you removed this line of code: case 'a': addr = strtol(optarg, 0, 16); break; What he's got is called a *default value*. If you can't tell which is which, it might be a good idea to not bring it up any further. If you're going to try to insult somebody by accusing them of something (like "hardcoding"), you could either do the world a favor and make sure you understand the meaning of the accusation, or be *creative*: http://asmallvictory.net/archives/006323.html (See the entry about Florida's Senator George Smathers about half-way down). (Hints for the unclued: Try getting your code to run with a different value than '1700' without either recompiling or using a hex editor. Then get his code to run with a different value using '-a'. Then read this: http://catb.org/~esr/jargon/html/H/hardcoded.html and let us know when you've figured it out....) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050509/ca6f2ce8/attachment.bin
Powered by blists - more mailing lists