
I mean, in C++ "=" could be called "dangerouslySetArbitraryMemoryLocation" and it would be just as accurate. In native code, even trivial operations like concatenating two strings or setting a variable can cause arbitrary code to execute.



Care to give an example?


Assuming OP was talking about overloading the '=' operator:

  struct A {
    int *p = nullptr;
  
    A& operator=(int i) {
      *p = i;
      return *this;
    }
  };

  int main(void)
  {
    A a;
    a = 1;  /* boom! */
    return 0;
  }


strcat (or, honestly, anything in string.h). strcat assumes its first argument has enough allocated space for the contents of the 2nd argument, and that the 2nd argument is NULL terminated. If either of those assumptions is wrong, strcat will overwrite memory, corrupting either your heap or your stack, both of which can lead to arbitrary code execution. It's laughably easy to do, so easy that even typing the letters `strcat` into your program is forbidden in basically every C/C++ shop.


strcat is C and not C++ though.


Nah it's both. C++ was deliberately designed to be a superset of C. It's diverged a little bit, but it's mostly still the case. Or, call it `std::strcat` if you like.
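The two assumptions named in the strcat comment above (enough room in the destination, a terminated source) can be checked explicitly before copying. The following is an added example, not code from any commenter in the thread; `checked_cat`, its result codes and the sample buffers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* checked_cat is a hypothetical helper, not a standard library function. */
enum cat_result { CAT_OK, CAT_DST_UNTERMINATED, CAT_SRC_UNTERMINATED, CAT_NO_SPACE };

/* Append src to dst only after verifying what strcat takes on trust.
 * dst_cap and src_cap are the sizes of the underlying buffers in bytes.
 * The two buffers must not overlap. */
static enum cat_result checked_cat(char *dst, size_t dst_cap,
                                   const char *src, size_t src_cap)
{
    /* memchr stops at the given bound; strlen would keep reading. */
    const char *dst_end = memchr(dst, '\0', dst_cap);
    if (dst_end == NULL)
        return CAT_DST_UNTERMINATED;
    const char *src_end = memchr(src, '\0', src_cap);
    if (src_end == NULL)
        return CAT_SRC_UNTERMINATED;

    size_t dst_len = (size_t)(dst_end - dst);
    size_t src_len = (size_t)(src_end - src);
    /* dst_len < dst_cap here, so the subtraction cannot wrap. The result
     * must leave one byte for the terminator. */
    if (src_len >= dst_cap - dst_len)
        return CAT_NO_SPACE;

    memcpy(dst + dst_len, src, src_len + 1); /* +1 copies the terminator */
    return CAT_OK;
}

int main(void)
{
    char buf[8] = "abc";                        /* constructed sample data */
    const char raw[4] = { 'x', 'y', 'z', 'w' }; /* constructed: no terminator */

    printf("%d\n", checked_cat(buf, sizeof buf, "defg", 5)); /* fits exactly */
    /* strcat(buf, "h") at this point would write one byte past buf. */
    printf("%d\n", checked_cat(buf, sizeof buf, "h", 2));
    /* strcat(buf, raw) would read past raw looking for a terminator. */
    printf("%d\n", checked_cat(buf, sizeof buf, raw, sizeof raw));
    return 0;
}
```

The caller has to pass the true buffer sizes; a wrong `dst_cap` reintroduces the same overflow the check is meant to stop.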



