April 29, 2014 Default arguments in function callbacks not taken into account when instantiating templates has huge security implications

-----
import std.traits;
import std.stdio;

void handler(C)(C callback)
{
    callback("John");
}

void main()
{
    auto safeCallback = (string user, string pass = "hunter2")
    {
        writefln("The password is: '%s'", pass);
    };

    handler(safeCallback);
    someOtherFunc();
}

void someOtherFunc()
{
    auto hijackPassword = (string user, string pass)
    {
        writefln("Now I know your password: '%s'", pass);
    };

    handler(hijackPassword);
}
-----

April 29, 2014 Re: Default arguments in function callbacks not taken into account when instantiating templates has huge security implications

Posted in reply to Andrej Mitrovic

On Tuesday, 29 April 2014 at 10:38:24 UTC, Andrej Mitrovic via Digitalmars-d wrote:
>
> void main()
> {
>     auto safeCallback = (string user, string pass = "hunter2")
>     {
>         writefln("The password is: '%s'", pass);
>     };
>
I'm sorry, but can you explain how this lets an attacker learn anything useful? I think it's a funny trick, and I agree on principle that it's probably an error that should be fixed, but I'm having trouble coming up with reasons why being able to discover the default argument (which I would assume is sentinel junk) has gravity. I would generally consider literal assignments in code to be trivially compromised anyway?
-Wyatt

April 30, 2014 Re: Default arguments in function callbacks not taken into account when instantiating templates has huge security implications

Posted in reply to Wyatt

On 4/29/14, Wyatt via Digitalmars-d <digitalmars-d@puremagic.com> wrote:
> I'm sorry, but can you explain how this lets an attacker learn anything useful?

Maybe I over-exaggerated a little bit here.

On 4/29/14, Kenji Hara via Digitalmars-d <digitalmars-d@puremagic.com> wrote:
> This is a compiler bug.

Ok, I thought it was maybe by design. I remember there being a similar issue with function pointers not being distinct w.r.t. default arguments. There's a bugzilla issue where Walter comments on it. I'm not sure about the issue number though.

May 02, 2014 Re: Default arguments in function callbacks not taken into account when instantiating templates has huge security implications

Posted in reply to Andrej Mitrovic

Is this in Bugzilla?

Copyright © 1999-2021 by the D Language Foundation