Integer Overflow and operator::new

As Raymond Chen pointed out last year (http://blogs.msdn.com/oldnewthing/archive/2004/01/29/64389.aspx), there is a potential integer overflow when calling operator::new. The C++ compiler in Visual Studio 2005 automatically generates defensive code to mitigate this potential vulnerability.   Code like this:   class CFoo { public:       CFoo() {m_p = NULL;} private:       void *m_p; };   void *func(size_t…

7

"Doing a Dave" : UK Developer Security Site

This is freakin’ hilarious – gotta love the British sense of humo[u]r. http://www.microsoft.com/uk/msdn/security/default.mspx Is this the new ‘blackhat’? er, black cat?  

1