Screenshot of a description of a software bug allowing an out-of-bounds heap write, where the authors state that having only a few bytes of overwritable content would make exploitation challenging
I'd need to examine the bug, its setting, how much input/app state can be manipulated before I could say for sure.. but 3 bytes OOB is often 2 more than needed to get new primitives/code exec. I wonder if the team assessing this had any past experience manually shaping heaps?
1 week ago
JetBrains GoLand IDE showing sqlite3 bindings written in Go.
I'm still writing code the hard way. I'm slow. I like to think critically about every line of code and fiddle with variable names until everything looks right. I treat code as a liability and try to ship only what's necessary.
It's hard to imagine writing code any other way.
2 months ago
Update for anyone who might see this post: this guy was adopted (yay!) so the link leads to an animal-not-found page. It's heartwarming, because so often euthanasia is the outcome instead. So having said all that, please consider adoption! If you need help finding a foster/rescue org let me know
4 months ago
They're bit-by-bit because the author just implemented the most naive proof-of-concept. Given the 63bit space, there are def ways to have 3 (maybe even 4) bytes expressed by each lock while still allowing multiple concurrent participants (perhaps even better than that, just some napkin math!)
5 months ago
Fun-reliable side-channels for cross-container communication
h4x0r
Start your day with a little container sidechannel 0day, as a treat
h4x0r.org/funreliable/
5 months ago
Animal Care Centers of NYC (ACC)
We strive to find loving homes for homeless and abandoned cats, dogs, and rabbits.
I ran into this awesome dog, walked by a volunteer to raise awareness, wearing an "Adopt Me" vest. He's super sweet, don't let his appearance fool you (ears were cropped by humans not himself)! Please consider adopting (I would if I didn't have 2 already): nycacc.app#/browse/213312
6 months ago
You may be fearing your 401k is no longer enough for you to retire. But with all the cuts to NIH and Medicare you also won't live as long. So the policies are integrated.
1 year ago
When constructing special data structures to overwrite others with in memory, it's normal to hear Dead Prez saying "fake fake records records records..", that's not just me right?
1 year ago
anyway i'm starting to use bsky and started it off with a total shit post so that's going well
1 year ago
NYT Connections game is always hitting up the most obscure data
"nicknames used by actuaries when describing contending risk factors"
...
"words equidistant from each other in chapter 4 of Guy Fieri's cookbook"
it's too much
1 year ago