Hi,
I'm currently following a course on secure programming. Since it's targeted mainly at C/C++/Java programmers, I have a lot of unanswered questions regarding Perl programming.
The most important one I have is related to buffer overflows. My understanding of this kind of exploit is that the runtime memory is accessed in an abnormal way in order to get to sensitive data and/or run arbitrary code. Which brings up the Garbage Collector.
From previous posts, I learned that, for exemple, using
undef on data structures releases the memory back to the Perl interpreter for reuse. The same thing happens when a reference goes out of scope. What I would like to know is what reallly happens to the bits when the memory is released. Are the all reset to
0? Are they left as is (thus possibly creating an opening following a buffer overflow)? Finally, is memory management the same with scripts converted to executables by
perlapp or
perl2exe?
Regards,
Solostian
-- "Fortunately, ridicule does not kill..."
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.