http://www.hackerschool.org/HS_Boards/zboard.php?id=HS_Translate&no=28
Ah.. I'm not good at English, and once I started...
there turned out to be far too many parts that I missed.
I would appreciate it if others could look this over and review it..
what's happening over there~
What problem could there be here?
the length..ah,,max_path,, the max_Path size is 260 right?
The length.. max_path .. the size of max_path is 260, right? Can you see it?
the len sizecopy(szcopy) what size szcopy?
Let's look at the length of sizecopy. How big is szcopy?
(bla bla bla)
Blah blah..
I'm sorry?
I misheard?
it could be a lot of things.
Yes, this can be many cases.
it could be pretty much anything that is Pxxxxxx in..
Yes, it can be a great many cases.
very easily overflow that was cause a problem.
This overflows very easily. This was the problem.
any questions on that?
Any questions here?
there's a gain pretty stander(?)
Let's look once more.
printf. right?
It's printf. You see it, right?
receives an argument doesn't specify a dinerdiet(!) for printing it
The argument value it receives is specially.. x****. That is in order to print it.
I'm sorry, what?
(bla bla bla)
Sorry, but what did you say?
oh~ yeah~ good catch.
Ah~ that's right~ good point.
so I get there are two issues
So I have prepared two problems ㅎ
that's 21 ... that should be a 21 it's so there is days off(!) occupy one as well as good catch
This is.. 21, right? This must be 21. This must also be *********. That was a good point.
again calculations and I've come to off by one in a bit. I think I might be used comsumming example there. from the that's why
Let's come back to calculation. And one off follows one bit. I think I brought a good example.
Division, Signed, Integer, Unicode, Off by one /few
This is content related to Division, signed, Integer, Unicode, off by one.
em.. and simply going fast of all of these because of I know all of fewer experience and this
Um.. and for this one, above all because I have little experience, I will go through it a bit very quickly and briefly.
if you have particular questions
If you have questions on particular parts
You're welcome to talk to me afterwards at ?? from long this because it's been a long day..
I recommend contacting me separately later. Because this takes a very long time.
so calculation of division~
Let's look at calculation of division again
prom**** the total line~
In every line.. there is ***.
stay problem.
The problem still exists,
(not checking the serial's **** zero.)
(It does not check the serial *** zero value.)
yeah infinity anything less than ??? have problem right?
That's right, it is an infinite value less than ************. It also has a problem, right?
(****************************)
(bla bla bla)
that's also problem.
That is also a problem.
if x's zero are any ?? one or two or three it's gonna give me a problem anything over four it's gonna work fine.
If the 0 of x is ** 1 or 2 or 3, this will bring some problem of 4 or more. This will work fine.
right?
Right?
And integer religion issues.
Next is content related to integer religion.
it's line number 5 is hint,
There is a hint on the 5th line.
what happening malloc underscore size , equal size is exacting value.
What is the problem with a memory allocation smaller than size? The equal size is a ***** value.
I need(?) something word(?) over unsigned int what is max_unsigned int?
I need a specific statement over unsigned int. What is the maximum value of unsigned int?
65535 right?
65535, right?
(***********************************)
yeah, typically I mean an intel I guess intel x86
That's right~ typically I was talking about an Intel CPU, probably.. it's intel x86.
(***********************************)
unsigned, I think that is..too .. but... you might be right~
unsigned is... I think.. too.. hmm.. but you are probably right.
either ways if you gain a number that is pretty cause to the same sizes malloc underscore size and sized both of them
As another way, if you get a number of the same allocated size as underscore size, and if it is the size of the two.??? (translation miss ㅠㅠ)
if there really large numbers you could have integer overflow because of multiplication thanks for and you would have a it could ***** either heap over flow or
If they are really large numbers, you can do an integer overflow in various ways. This means you can do a heap overflow or a stack overflow.
stack over flow depending on where data's being ***** right ?
Where the data exists **** *. Right?
signed issues~~
This is material related to signed.
again issue's a bit line number 4 receiving argument it's trying to check in the size less than, it's another greater than 1024
Let me say it again: bit line 4 receives an argument value. It checks for a small number. This is another number greater than 1024.
what if you give it a negative number?
What kind of negative number is this?
how would you give it a negative number?
How could you give it a negative number?
max int plus one right ?
It is the maximum value of int plus 1. Right?
whatever danger value because of overflow because signed overflow
Any dangerous value caused by a buffer overflow results in a signed overflow. (loose-translation error ㅠㅠ)
Unicode~
(This is Unicode)
that is out of the classic example and this is I think~ the dark printer buffer overflow ** because of this
Here is the most typical example. And this is.. I think, the darkprinter overflow.
line number 3 I guess MultiByteToWideChar
This line 3 is probably multibyte widechar.
what size of two data? what's two data? wide char what's the data that is from data type
What is the size of the two data? What are the two data? What is the data that comes from the data type?
it's char. so.. the data types are not the same~
It is exactly the character type. So the data types are not the same,
you need to make sure that whenever you using you're receiving char then you want a have size of two data the wide byte size of th*** char
Whenever you receive a character type, you need to make sure of this. It is more important than paying attention to the size of the two data.
otherwise you are gonna have buffer overflow there
*** on the other hand, there will be a buffer overflow.
this example is that's not the only place that this has been ****** other place as well ...the... specific **** place re**** off...
This example is only **************************************************************** (can't hear it ㅠㅠ)
any questions of that?
Any other questions?
so, problem is again~ off by ,,, off by one the plus one ?
So, in other words, off by.. the off by one problem had one more added, right?
that was one that hear cut earlier at <.. already yet.. (here is quick.) >??
(The translation ㅠㅠ..)
problems were here again. again off by one. the prin** technical off by one. and this is the last one.
Once again there is a problem. off by one is again ***************************** and this is the last one.
any questions? I know I move through this little fast. make me ** have any questions.
Any questions? The pace may have been a bit fast. If questions come up, please ask.
this is pretty much *** end of this topic.
Did the topic end too ***?
everyone understood everything and can do there one code views, right?
Seeing how quiet it is, everyone understands and has their own view of this. Right?
well.. if you have any questions I have an e-mail address again~ don't hesitate e-mail me or..a. yeah~
Good. If questions come up, refer to the e-mail I have written here. Never hesitate to write an e-mail.. that's right.
if you have any questions catch me up this e-mail as well
If questions come up, you should also be able to make me understand.
thank you very much~
Thank you.
Hit : 1783 Date : 2011/05/12 02:01