SecurityvulnsSECURITYVULNS:DOC:11309[Full-disclosure] [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Title:[xfocus-SD-060206]BCB compiler incorrect deal sizeof operator
vulnerability
Affected version : <= BCB6+ent_upd4
Vendor: http://borland.com/
Url: http://www.xfocus.net/releases/200602/a849.html
XFOCUS (http://www.xfocus.org) had already discovered
a vulnerability in BCB6(ent_upd4) compiler.
It maybe cause integer overflow if you misuse use sizeof operator.
/**
- check_compiler_sizeof_vulnerability.c
- Check compiler whether correct deal with sizeof operator,
- which can cause integer overflow if you careless use !!!
- note: some old compiler have this vulnerability!!!
- by [email protected]
- XFOCUS Security Team
- http://www.xfocus.org
- already tested:
- BCB6+ent_upd4…vuln !!!
- gcc version 4.0.0 20050519 (Red Hat 4.0.0-8)…not vuln
- gcc version 2.95.3-4(cygwin special)…not vuln
- gcc version egcs-2.91.66…not vuln
- cc: Sun WorkShop 6 2000/04/07 C 5.1 …not vuln
- VC6+sp5…not vuln ,thank eyas
- lcc version 3.8…not vuln ,thank
tombkeeper - evc4+sp4…not vuln ,thank san
- REQUEST YOUR COMMENT:
- VC6 not sp5…?
- VC7…?
- evc not sp4…?
- freebsd gcc version…?
- openbsd gcc version…?
- …
*/
#include <stdio.h>
int main(int argc, char *argv[])
{
int i =-1;
printf("Check compiler whether correct deal with sizeof
operator\n");
printf(" by [email protected] \n\n");
if (i > sizeof ( int ) )
{
printf("This compiler is not vuln\n");
}else
printf("This compiler is vuln!!!\n");
getchar();
return 0;
}
- –EOF
Kind Regards,
XFOCUS Security Team
http://www.xfocus.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFD51e5whDwaF6cSWIRAmbkAJ4sN66WOJMKPY4RjSq5p7TvdSGGigCfe5SU
wolEFAITtYi8fWNND0uyO5c=
=ibnF
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/