alex@milivojevic.org wrote:
Quoting Feizhou feizhou@graffiti.net:
When does a newbie gets a monster box to play with?
4 gigs of memory isn't as expensive as it used to be. Not that cheap that I would put 4 gigs into any of the computers in my basement. But not that expensive either. Complete AMD64 system is not that much more expensive then P4 system (other then processor and motherboard, all other components are exactly the same). So I'd say wast majority of newbies from rotten rich west can financialy afford a "monster box to play with".
DJB has already stated a long time ago that this should be done by the OS or available tools.
Whatever way you put it, the following is buggy code:
int foo; int *bar; foo = bar;
If you are referring to the 'problem #2 is exploitable at least on freebsd 5.4 amd64' code, it does not do anything of the sort.
int i; ... i = str_chr(cmd.s,' '); ... cmd.s[i] = 0;
str_chr returns 'unsigned int' not a pointer.
Yelling that limits were supposed to be setup on the system for your particular program so that bar always fits into foo is not going to save you from the fact that your programming practices were flawed! The above code fragment is probably the biggest single problem with many programs when Alpha processors were introduced. And now we see it again.
Now I don't know if that "bug" in qmail fits the above description exactly, but I'm preaty darn sure it is something equivalent.
Why don't you look before you yammer.
If you did a compile of qmail, you will NEVER find any warnings about 'warning: assignment makes integer from pointer without a cast'
After all, there's that famous quote from Bill Gates: "640K ought to be enough for anybody". Who knows, maybe one day we'll be quoting qmail author instead: "32 bits ought to be enough for anybody".
I highly doubt it since he said nothing of the sort.
I haven't said he did. It was a joke
:)