Comments on: A Security Issue with C++ Object Layouts http://www.veracode.com/blog/2007/07/a-security-issue-with-c-object-layouts/ Application security testing, analysis, and metrics Tue, 15 May 2012 22:16:53 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: John McDonald http://www.veracode.com/blog/2007/07/a-security-issue-with-c-object-layouts/comment-page-1/#comment-528 John McDonald Thu, 19 Jul 2007 11:20:26 +0000 http://www.veracode.com/blog/?p=53#comment-528 Interesting.. That's a pretty subtle bug. :> It seems somewhat related to an attack against the "One Definition Rule" that I stumbled on recently. I think they were thinking more along the lines of intentional trojaning via interpositioning, which IMHO isn't nearly as interesting as the bugs you've observed in real-world code. Here are some links: https://www.securecoding.cert.org/confluence/display/cplusplus/MSC31-C.+Obey+the+One+Definition+Rule http://vuduc.org/pubs/quinlan2006-odr.pdf http://en.wikipedia.org/wiki/One_Definition_Rule Interesting.. That’s a pretty subtle bug. :>

It seems somewhat related to an attack against the “One Definition Rule” that I stumbled on recently. I think they were thinking more along the lines of intentional trojaning via interpositioning, which IMHO isn’t nearly as interesting as the bugs you’ve observed in real-world code. Here are some links:

https://www.securecoding.cert.org/confluence/display/cplusplus/MSC31-C.+Obey+the+One+Definition+Rule

http://vuduc.org/pubs/quinlan2006-odr.pdf

http://en.wikipedia.org/wiki/One_Definition_Rule

]]> By: Christien Rioux http://www.veracode.com/blog/2007/07/a-security-issue-with-c-object-layouts/comment-page-1/#comment-527 Christien Rioux Wed, 18 Jul 2007 15:31:59 +0000 http://www.veracode.com/blog/?p=53#comment-527 Sure, it's also a C issue. Sure, it’s also a C issue.

]]> By: Thomas H. Ptacek http://www.veracode.com/blog/2007/07/a-security-issue-with-c-object-layouts/comment-page-1/#comment-526 Thomas H. Ptacek Wed, 18 Jul 2007 14:21:24 +0000 http://www.veracode.com/blog/?p=53#comment-526 Is this really a C++ issue? It seems like you could screw up a #define anywhere. Is this really a C++ issue? It seems like you could screw up a #define anywhere.

]]>