-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Title: [xfocus-SD-060206] BCB compiler incorrect deal sizeof operator vulnerability
Affected version : <= BCB6+ent_upd4
Vendor: http://borland.com/
Url: http://www.xfocus.net/releases/200602/a849.html
XFOCUS (http://www.xfocus.org) has discovered
a vulnerability in the BCB6 (ent_upd4) compiler.
It may cause an integer overflow if you misuse the sizeof operator.
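#include <stdio.h>

/*
 * In standard C, sizeof yields an unsigned size_t, so i is converted to
 * unsigned before the comparison and -1 becomes a very large value: the
 * test below is true on a correct compiler.
 */
int main(int argc, char *argv[])
{
    int i = -1;

    printf("Check compiler whether correct deal with sizeof operator\n");
    printf(" by [email protected] \n\n");
    if (i > sizeof ( int ) )
    {
        printf("This compiler is not vuln\n");
    } else
        printf("This compiler is vuln!!!\n");
    getchar();
    return 0;
}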
Kind Regards,
XFOCUS Security Team
http://www.xfocus.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFD51e5whDwaF6cSWIRAmbkAJ4sN66WOJMKPY4RjSq5p7TvdSGGigCfe5SU
wolEFAITtYi8fWNND0uyO5c=
=ibnF
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
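
Added example, not part of the original advisory or of XFOCUS's code: a length check that is only safe when sizeof is unsigned, next to a form that does not depend on it. The function names, the 16-byte buffer and the (int) cast used to model the affected compiler are assumptions inferred from the test program above.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16

/* Length check as a standard compiler builds it. The cast spells out the
 * conversion standard C performs implicitly: -1 becomes a huge value. */
int check_standard(int len)
{
    char buf[BUF_SIZE];
    return (size_t)len > sizeof(buf) ? 0 : 1;  /* 0 = rejected, 1 = accepted */
}

/* Same check with sizeof forced to a signed int, modelling the affected
 * compiler (assumption inferred from the advisory's test program). */
int check_signed_sizeof(int len)
{
    char buf[BUF_SIZE];
    return len > (int)sizeof(buf) ? 0 : 1;     /* -1 is accepted here */
}

/* Hardened copy: explicit sign check and explicit cast, so the result
 * does not depend on how the compiler types sizeof. */
int safe_copy(char *dst, size_t dst_size, const char *src, int len)
{
    if (len < 0 || (size_t)len > dst_size)
        return -1;
    memcpy(dst, src, (size_t)len);
    return len;
}

/* Constructed input: copy len bytes of a fixed string into a 16-byte buffer. */
int demo_safe_copy(int len)
{
    char dst[BUF_SIZE];
    static const char src[BUF_SIZE] = "constructed";
    return safe_copy(dst, sizeof(dst), src, len);
}

int main(void)
{
    printf("standard check, len=-1: %d\n", check_standard(-1));
    printf("signed-sizeof check, len=-1: %d\n", check_signed_sizeof(-1));
    printf("safe_copy, len=-1: %d\n", demo_safe_copy(-1));
    return 0;
}
```

A negative length that passes the signed form of the check would reach memcpy as a very large size_t, which is the overflow the advisory refers to.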