buffer overflow some how executing code

help with file transfer to laptop
Hello everyone, I'm hoping someone can help me out of a jam I got myself into! Long story short, I have an old IBM Thinkpad 380XD, 233 Pentium, that I had the grand idea to...

Ok, every so often I run across an article in a forum somewhere that given a "buffer overflow" a hacker can execute code on the system.

This just seems like a load of bunk to me. I've been programming in various languages, including, though not limited to, c and cpp, and I haven never once encountered a situation where writing past the bounds of a buffer, which is just an array of characters, to suddenly be converted into some sort of "magical code" that can suddenly wreak havoc.

In any programming I've done where you can write outside of the bounds of the buffer (char array), you get UNDEFINED behavior, not some magical power. Even the C and C++ specs state this.

Can someone please explain to me where this comes from. One example I just read was an IE6 exploit where using a url that's too logn and contains "unusual" characters can allow a "hacker to run code on the system." Again, these look liek total bunk to me, as a URL is just text, and writting past the bound of the buffer just isn't going to give soem REMOTE hacker the ability to suddenly jump into your system, or some put code in there.

Can anyone pelase clear this up? If I'm missing something here please let me know.

List | Previous | Next

help with file transfer to laptop

Alt Computers from Newsgroups

The #1 Usenet Provider on the Internet

iTunes question

PLEX86 x86- Virtual Machine (VM) Program


	CVS \| Mailing List \| Download \| Newsgroups

		buffer overflow some how executing code help with file transfer to laptop Hello everyone, I'm hoping someone can help me out of a jam I got myself into! Long story short, I have an old IBM Thinkpad 380XD, 233 Pentium, that I had the grand idea to... Ok, every so often I run across an article in a forum somewhere that given a "buffer overflow" a hacker can execute code on the system. This just seems like a load of bunk to me. I've been programming in various languages, including, though not limited to, c and cpp, and I haven never once encountered a situation where writing past the bounds of a buffer, which is just an array of characters, to suddenly be converted into some sort of "magical code" that can suddenly wreak havoc. In any programming I've done where you can write outside of the bounds of the buffer (char array), you get UNDEFINED behavior, not some magical power. Even the C and C++ specs state this. Can someone please explain to me where this comes from. One example I just read was an IE6 exploit where using a url that's too logn and contains "unusual" characters can allow a "hacker to run code on the system." Again, these look liek total bunk to me, as a URL is just text, and writting past the bound of the buffer just isn't going to give soem REMOTE hacker the ability to suddenly jump into your system, or some put code in there. Can anyone pelase clear this up? If I'm missing something here please let me know. List \| Previous \| Next



		help with file transfer to laptop Alt Computers from Newsgroups The #1 Usenet Provider on the Internet iTunes question