|
Rockbox mail archiveSubject: Re: WPS tokenizerRe: WPS tokenizer
From: Kosta Welke <kosta_at_fillibach.de>
Date: Tue, 20 Mar 2007 13:10:52 +0100 On Mon, 19 Mar 2007 09:18:35 +0100, RaeNye <raenye_at_netvision.net.il> wrote: > I don't really care whether the intermediate represention is the same as > the WPS with comments and whitespace stripped, or with text strings > coalesced in > the end of the file and pointers attached, or an obscure binary format. > It's just that you need to parse a simpler format without error checking > (unlike user-supplied WPS). If we have some binary output that could be written directly to memory lying around on the disk, without error checking, it just screams security hole directly in my face. Then again, it depends where and when it is created. And of course, I see no practical application of creating a "malicious" wps binary to 0wn your ipod. But I just thought someone should mention it. Kosta Received on 2007-03-20 Page template was last modified "Tue Sep 7 00:00:02 2021" The Rockbox Crew -- Privacy Policy |