Comment Re:Will it give a false positive on wrapper funcs? (Score 1) 114
So apparently, the strcpy_wrapper function example, will be taken care of because they traverse the stack to determine which frame the buffer lies in.
But the question of buffers on the stack still remains. I suppose that they could make the special case that if the buffer in question is not found to lie anywhere in the stack, that it must be in the heap, and therefore is safe from corrupting the return address. (BTW - change the malloc in the above to malloc(strlen(s)) ).
But the question of buffers on the stack still remains. I suppose that they could make the special case that if the buffer in question is not found to lie anywhere in the stack, that it must be in the heap, and therefore is safe from corrupting the return address. (BTW - change the malloc in the above to malloc(strlen(s)) ).
