Turvaauk CVE-2014-1705
// Regression check: a DataView over ab3 must report the buffer's real size.
// ab3 is created before this excerpt -- presumably an 8-byte ArrayBuffer whose
// byteLength getter was overridden the same way as ab4 further down; confirm
// against the full test file.
var aaa = new DataView(ab3);
// NOTE(review): DataView exposes byteLength and byteOffset but has no `length`
// property, so `i < aaa.length` compares against undefined and the setInt8
// call is not reached on a conforming engine. If the intent was to probe
// writes past the end of the view, the bound should be aaa.byteLength.
for (var i = 10; i < aaa.length; i++) {
aaa.setInt8(i, 0xcc);
}
// The view must span exactly 8 bytes, regardless of what a script-defined
// getter on the buffer reports.
assertEquals(8, aaa.byteLength);
// Regression check: constructing a typed array from another typed array must
// use the source's internal element count, not a script-defined `length`.
var a = new Int8Array(4);
// Shadow `length` on the instance with a getter reporting 0xFFFF (65535)
// elements, far more than the 4 that were allocated.
a.__defineGetter__("length", function() { return 0xFFFF; });
// Copy-construct from the tampered array. An engine that trusted the getter
// would presumably copy from beyond a's 4-byte backing store -- the
// out-of-bounds read this test guards against.
var b = new Int8Array(a);
// Every element of the copy must be zero, as in the freshly allocated source;
// a non-zero value would mean memory outside a's store was copied.
// NOTE(review): b.length itself is never asserted; an additional
// assertEquals(4, b.length) would pin the expected size directly.
for (var i = 0; i < b.length; i++) {
assertEquals(0, b[i]);
}
// Regression check: a typed-array view over an ArrayBuffer must be sized from
// the buffer's real allocation, not from a script-defined `byteLength` getter.
var ab4 = new ArrayBuffer(8);
// Override byteLength on the instance so script-visible reads report
// 0xFFFFFFFC bytes instead of the 8 actually allocated.
ab4.__defineGetter__("byteLength", function() { return 0xFFFFFFFC; });
var aaaa = new Uint32Array(ab4);
// The loop starts at index 10, beyond the 2 elements an 8-byte buffer holds,
// so the body runs only if the view's length came from the spoofed value.
// Those stores would then fall outside the buffer -- presumably the memory
// corruption the CVE entry refers to; confirm against the advisory.
for (var i = 10; i < aaaa.length; i++) {
aaaa[i] = 0xcccccccc;
}
// 8 bytes / 4 bytes per Uint32 element = 2, so the spoofed byteLength must
// have been ignored when the view was created.
assertEquals(2, aaaa.length);
Viited
1. Turvaauk Mitre CVE andmebaasis
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1705
2. Google V8
https://developers.google.com/v8/
3. Memory corruption
http://www.wisegeek.com/what-is-memory-corruption.htm
4. George Hotz-i võit võistluses Pwnium
http://news.softpedia.com/news/Google-Addresses-Chrome-OS-Vulnerabilities-Presented-at-Pwnium-2014-432533.shtml
5. Patch kõikidele süsteemidele