Version française
Home     About     Download     Resources     Contact us    
Browse thread
Safe marshall?
[ Home ] [ Index: by date | by threads ]
[ Search: ]

[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
Date: -- (:)
From: Mike Hamburg <hamburg@f...>
Subject: Safe marshall?
Is there any way to call Marshall in a type-safe way?  I need to use 
marshaling for a networking program, and I'd rather not leave Marshal 
as an arbitrary code execution vulnerability (which it is as far as I 
can tell: switching on a Marshaled value should produce a computed 
jump, which can be set by an attacker to point to an arbitrary place).  
Am I stuck writing my own marshal function?

Mike Hamburg