Security Holes Involving Dangling Pointers
Like buffer-overflow bugs, dangling/wild pointer bugs frequently become security holes. For example, if the pointer is used to make a virtual function call, a different address (possibly pointing at exploit code) may be called due to the vtable pointer being overwritten. Alternatively, if the pointer is used for writing to memory, some other data structure may be corrupted. Even if the memory is only read once the pointer becomes dangling, it can lead to information leaks (if interesting data is put in the next structure allocated there) or to privilege escalation (if the now-invalid memory is used in security checks).
Read more about this topic: Dangling Pointer
Famous quotes containing the words security, holes, involving and/or dangling:
“Thanks to recent trends in the theory of knowledge, history is now better aware of its own worth and unassailability than it formerly was. It is precisely in its inexact character, in the fact that it can never be normative and does not have to be, that its security lies.”
—Johan Huizinga (1872–1945)
“And as my wit doth best devise,
Love’s dwelling is in ladies’ eyes,
From whence do glance love’s piercing darts,
That make such holes into our hearts;
And all the world herein accord,
Love is a great and mighty lord;”
—George Peele (1559–1596)
“Living is like working out a long addition sum, and if you make a mistake in the first two totals you will never find the right answer. It means involving oneself in a complicated chain of circumstances.”
—Cesare Pavese (1908–1950)
“And, indeed, is there not something holy about a great kitchen?... The scoured gleam of row upon row of metal vessels dangling from hooks or reposing on their shelves till needed with the air of so many chalices waiting for the celebration of the sacrament of food. And the range like an altar, yes, before which my mother bowed in perpetual homage, a fringe of sweat upon her upper lip and the fire glowing in her cheeks.”
—Angela Carter (1940–1992)