AWK experts - how would I code around this in awk...
Karl F. Larsen
klarsen1 at gmail.com
Tue Feb 23 13:32:28 UTC 2010
Dave Howorth wrote, On 02/23/2010 06:05 AM:
> Steve Flynn wrote:
>> I know that string was widely known to cause many versions of csh to
>> have a minor coronary but I can't think of any other nastiness
>> associated with it. Do tell! :)
>
> Anything written in C is potentially a victim. Ignorant programmers
> using printf instead of puts can allow attackers to overwrite memory
> with it. The principle is described in
> http://en.wikipedia.org/wiki/Format_string_attack
I use printf because I was taught to do so. Not heard of
puts. But will look into it for fun.
What about c++ cout? Does this make c++ code subject to attack?
>
> I believe the article is wrong about the date of discovery though. It's
> possible I first read about it in the 1990 Comm ACM though I had thought
> I knew about it earlier. It was certainly known as a possible attack
> long before 1999 though and test plans included it through the 90s.
>
> Cheers, Dave
>
73 Karl
--
Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.
Key ID = 3951B48D
More information about the ubuntu-users
mailing list