November 2008 - Posts

(In)Security of MultiByteToWideChar and WideCharToMultiByte (Part 2)

Part 1 of this installment discussed the unsafe nature of MultiByteToWideChar and WideCharToMultiByte.  They do not guarantee terminating strings properly.  In this installment, I want to focus on the count parameters.  There are three Read More...

Posted 14 November 08 09:59 by esiu | 1 Comments   
Filed under Security

(In)Security of MultiByteToWideChar and WideCharToMultiByte (Part 1)

There are a few well-known unsafe APIs in the standard C library, such as strcpy and memcpy.  These routines are unsafe as buffer and destination buffer size are not taken into consideration.  Buffer overflows may take place because destination Read More...

Posted 06 November 08 10:22 by esiu | 1 Comments   
Filed under Security

Search

This Blog

• Home
• About
• Email

Tags

• <script>alert()</script>
• Developer Productivity
• Exchange server
• IIS
• Infoworker Productivity
• Mobile Phone
• Security

Archives

• November 2008 (2)
• October 2008 (3)
• March 2008 (1)
• November 2007 (1)
• October 2007 (8)
• September 2007 (6)
• May 2007 (2)
• April 2007 (1)
• March 2007 (1)
• February 2007 (3)
• January 2007 (2)
• July 2005 (1)
• March 2005 (2)
• February 2005 (1)
• January 2005 (2)
• December 2004 (1)
• November 2004 (3)

ACE Team

• ACE Team

Syndication

• RSS 2.0
• Atom 1.0