Comments on Code Injection: How many bugs can you find?
Blog author: Robert. Feed updated 2023-06-09T09:04:24.537-07:00.

Ryan Moore, 2011-11-22T07:59:17.935-08:00

Devil's advocate: You're making a few assumptions that just glancing at the code can't be verified.

If management is *really* devious/inept, then c_str() might not actually behave as std::string's function. c_str() might stand for "changeable string" which returns a mutable version of the immutable string (e.g., an "MS" object). This MS object might then overload the == operator, thus causing the comparison to behave as expected (i.e., not just comparing addresses).

Poita_, 2011-11-20T08:43:01.802-08:00

Well yes, it is implementation defined, but saying it goes in the text segment is just plain wrong. As the wiki page says (that you linked to) the text segment is for executable instructions. Strings are not executable instructions. They don't go there.

Robert, 2011-11-19T07:34:47.843-08:00

Hey rhomboid, I probably shouldn't have glossed over that point so quickly but this behavior is actually implementation defined. The compiler can pick where it wants to put the string literals and the text segment and read-only data segment are both valid choices.

Anonymous, 2011-11-19T03:21:14.390-08:00

The string most certainly doesn't get stored in .text, that's for code (instructions) only, not data. It's stored in the .rdata section (Windows) aka the .rodata section (ELF) which is for read-only data.