HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mbbrutman

no profile record

Submissions

Hunting a 34 year old pointer bug in EtherSlip

brutman.com
38 points·by mbbrutman·vor 3 Monaten·9 comments

comments

mbbrutman
·vor 3 Monaten·discuss
I got lucky here with the compiler detecting the problem given that it wasn't just limited to using a null pointer. Depending on the buffer offset being handed back, it could have hit anywhere in the data segment.
mbbrutman
·letztes Jahr·discuss
Where is that published? I was using Github for references on DOS 4 as 3.3 isn't there yet.

(Thanks in advance!)
mbbrutman
·letztes Jahr·discuss
I looked at the call before and after to see what they had set the buffer to, and they clearly set the buffer to point into what is code. The executable is only 5KB and it's tiny; they had plenty of space in the segment to use a different part of the segment without purposefully blasting their own code.

While it's common, it was still a terrible practice. If whatever was filling in that buffer changed, they could be blasting more code than they intended. (As indicated in what I wrote, I know it was common if they wanted to reuse the space. Device drivers do something similar when they are done with their init code.)
mbbrutman
·letztes Jahr·discuss
Some day ... It took me months even just to get around writing up what I found ...

I'm still puzzled by the jump on the segment register values. I need to trace through the entire path.