Curious how a buffer overflow works? Previously on Ars we did a deep-dive explanation.

Normally the work to fix this would be to determine the length of the font name and create a buffer that's big enough to hold it. It's a simple enough change to make in source code. If that's not possible (there are occasional situations where a buffer can't easily be made bigger), then the next best solution is to limit the amount of data copied to it, truncating the font name if it's too long to fit. Again, this is a simple change to make in the source code.

But that doesn't appear to be what Microsoft did here.

Analysis of Microsoft's patch strongly indicates that the company didn't make changes to the source code at all. Instead, it appears that the flaw has been fixed by very carefully modifying the Equation Editor executable itself. Normally when a program is modified and recompiled, there are ripple effects from this compilation. Low-level aspects of the compiled code will change slightly: the recompiled code will use registers slightly differently, functions will be placed at different locations in memory, and so on. But none of that is in evidence here; side-by-side comparison of the fixed program and the original version shows that it's almost entirely unaltered except for a few bytes in a few functions. The only way that's likely to happen is if the bug-fixing was performed directly on the program binary itself without reference to the source code.
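The two source-level fixes the article describes, written out in C as an added illustration (this is not code from the article or from Microsoft's patch): size the buffer to the font name, or keep the fixed buffer and bound the copy, truncating the name. The record layout assumed here (one length byte followed by the name bytes) is an illustrative assumption, not the real Equation Editor format.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed record layout for illustration only (not the real Equation Editor
 * format): one length byte, then that many bytes of font name. */
#define FIXED_FONT_BUF 32

/* Fix 1: determine the name's length and allocate a buffer big enough.
 * Returns a heap copy (caller frees) or NULL if the record is malformed. */
char *copy_font_name_dynamic(const unsigned char *rec, size_t rec_len) {
    if (rec_len < 1) return NULL;
    size_t name_len = rec[0];
    if (name_len > rec_len - 1) return NULL;   /* length byte exceeds record */
    char *out = malloc(name_len + 1);
    if (out == NULL) return NULL;
    memcpy(out, rec + 1, name_len);
    out[name_len] = '\0';
    return out;
}

/* Fix 2: keep the fixed buffer but bound the copy, truncating the name.
 * The flaw was the unbounded form of this: memcpy(dst, rec + 1, rec[0])
 * into a fixed-size buffer with no check. Returns the bytes copied. */
size_t copy_font_name_truncating(const unsigned char *rec, size_t rec_len,
                                 char *dst, size_t dst_size) {
    if (rec_len < 1 || dst_size == 0) return 0;
    size_t name_len = rec[0];
    if (name_len > rec_len - 1) name_len = rec_len - 1;   /* clamp to record */
    if (name_len > dst_size - 1) name_len = dst_size - 1; /* clamp to buffer */
    memcpy(dst, rec + 1, name_len);
    dst[name_len] = '\0';
    return name_len;
}

/* Constructed sample: a record whose 40-byte name would overrun a 32-byte
 * buffer, plus a record whose length byte lies. Returns 1 if both fixes
 * handle them safely, 0 otherwise. */
int demo_oversized_font_name(void) {
    unsigned char rec[1 + 40];
    rec[0] = 40;
    memset(rec + 1, 'A', 40);

    char fixed[FIXED_FONT_BUF];
    size_t n = copy_font_name_truncating(rec, sizeof rec, fixed, sizeof fixed);
    int ok = (n == FIXED_FONT_BUF - 1) && (strlen(fixed) == FIXED_FONT_BUF - 1);

    char *dyn = copy_font_name_dynamic(rec, sizeof rec);
    ok = ok && dyn != NULL && strlen(dyn) == 40;
    free(dyn);

    unsigned char bad[3] = { 200, 'B', 'C' };   /* length byte exceeds record */
    ok = ok && copy_font_name_dynamic(bad, sizeof bad) == NULL;
    return ok;
}
```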