Re: [Gnash-dev] Mark Dowd's Flash NULL Pointer Vulnerability Exploit

[Bastiaan Jacques]

> From when I glanced at this paper I remember it relies on an unchecked
malloc return. We use new for allocations and if it fails for some
reason, it will throw. If the same code path exists in Gnash, will 
abort the Gnash process with an unhandled exception, but there's no
exploit possible.

Bastiaan

On Mon, 21 Apr 2008, John Gilmore wrote:

> We should make sure we aren't vulnerable to any of the sub-parts of
> this attack.