[Info-vax] A DCL wish list of sorts...
pcanagnostopoulos at gmail.com
pcanagnostopoulos at gmail.com
Fri Mar 22 12:02:55 EDT 2019
On Friday, March 22, 2019 at 11:48:10 AM UTC-4, dgordo... at gmail.com wrote:
>
> It's the ability to overwrite the return address on the stack. Not all characters inside a quoted string need to be printable - you just need to be creative to get them in there. One of the CDU bugs (and there were many missed length and maximum item count bugs) allowed an over-length quoted string to be placed in the command table.
>
> It's also worth noting that the real bug was in DCL where it blew the length check before it copied the prompt string onto the stack. While CDU is the official way to create a command table, there's noting to keep enterprising folks from writing a C (or even BASIC) program that will produce a malformed command table that DCL will happily try to swallow.
I consistently neglected to check lengths and counts? Sheesh. I reduce my grade to a low F-. Making those checks has nothing to do with worrying about hackers. It's just good practice. I bet I subconsciously assumed that no one would have long text lines.
I remember absolutely nothing about the format of a command table.
~~ Paul
More information about the Info-vax
mailing list