[Cryptography Team] Securing the VM and Image
Andreas Raab
andreas.raab at gmx.de
Tue Aug 1 07:59:02 UTC 2006
John M McIntosh wrote:
> mmm, in looking it seems we check length versus data in all the places a
> cursory scan show, but.
>
> What if I pass -1 as width to primitiveWrite24BmpLine
Yes, this would cause problems. Report and fix available at:
http://bugs.impara.de/view.php?id=4360
> or perhaps pass something odd to
> primAECoerceDesc: typeCode to: result.
Don't know. Given that this is Applescript it should probably be treated
like the FFI, e.g., not be used in any environment where we care about
random access to the OS by untrusted code.
Cheers,
- Andreas
More information about the Squeak-dev
mailing list
|