Re: Verifying Toolchain Semantics

unofficial mirror of guile-devel@gnu.org 
 help / color / mirror / Atom feed

From: Ian Grant <ian.a.n.grant@googlemail.com>
To: Nala Ginrut <nalaginrut@gmail.com>, guile-devel <guile-devel@gnu.org>
Subject: Re: Verifying Toolchain Semantics
Date: Sun, 5 Oct 2014 12:24:54 -0400	[thread overview]
Message-ID: <CAKFjmdza_zD7Syw123sH4U4=7OU30tWbWgj+yWyFsSx9fr0Q7g@mail.gmail.com> (raw)
In-Reply-To: <CAPjoZocPr107r05H02OU_dd8MMVEf5dvCmEUU2BHcR3Shsgfhw@mail.gmail.com>

On Sun, Oct 5, 2014 at 11:15 AM, Nala Ginrut <nalaginrut@gmail.com> wrote:
>
> Alright, I changed a system and try it again with evince successfully.
> Anyway, I did't find any maths or special symbols in it, so it could be
> published on your blog as plain text. But you may insist on the opinion of
> PDF.

There is another reason why I use PDF. It's much nicer to read. I love
Garamond. Did you see the Jobs movie? Do you remember what he said
about Garamond?

> It's not your mistake but mine. ;-)

Well being mistaken about somebody else's mistake that wasn't a
mistake is about the least mistaken it's possible to be: it really
doesn't matter at all.

What we really need to do is find out what software Mark was using to
pdf->png. If it segfaults then there is a good chance that that bug
can be turned into a working exploit. Because all binaries distributed
by the binary-distributors are identical, attackers can analyse the
file and work out how to turn a bad pointer dereference into an
exploitable "PDF attack vector" which executes binary code contained
in the PDF.

Ian

next prev parent reply	other threads:[~2014-10-05 16:24 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-10-02 14:54 Verifying Toolchain Semantics Ian Grant
2014-10-03  6:23 ` Mark H Weaver
2014-10-03  7:15   ` William ML Leslie
2014-10-03 12:56     ` Taylan Ulrich Bayirli/Kammer
2014-10-03 17:13       ` Mark H Weaver
2014-10-05 13:57       ` William ML Leslie
2014-10-03  8:45   ` Nala Ginrut
2014-10-05  1:35   ` Ian Grant
2014-10-05  5:39     ` Nala Ginrut
2014-10-05 14:14       ` Ian Grant
2014-10-05 15:15         ` Nala Ginrut
2014-10-05 16:24           ` Ian Grant [this message]
2014-10-06  8:25             ` Nala Ginrut
2014-10-05  6:58     ` Mike Gerwitz
2014-10-05 16:11       ` Ian Grant
2014-10-06  4:23         ` Mike Gerwitz
     [not found]           ` <20141006042323.GA31390-iW7gFb+/I3LZHJUXO5efmti2O/JbrIOy@public.gmane.org>
2014-10-07 17:18             ` Ian Grant
     [not found]               ` <CAKFjmdx+jzfapvrq6EEO8Skx2L2UZwi-DZ22xiq9t1438E7kOw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-07 17:28                 ` Mark H Weaver
2014-10-07 17:56                   ` Ian Grant
     [not found]                     ` <CAKFjmdwNTjJ7nU-rKEWkA+5whsfyrpqJ6RkhU+VRbUW6rqT03A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-07 19:24                       ` Philip Herron
     [not found]                         ` <CAEvRbeoEJPTtoDu0nDudJyfBoaT1vpuvHzL=t+TkJr_ZGkzYEQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-07 19:47                           ` Ian Grant
2014-10-08 18:26                       ` Mark H Weaver
2014-10-08  3:55               ` Mike Gerwitz
  -- strict thread matches above, loose matches on Subject: below --
2014-10-05 17:42 Ian Grant
2014-10-05 18:19 ` Ian Grant
2014-10-06  0:30 Ian Grant
     [not found] ` <CAKFjmdzxAMvcry8N6B_atM_8vGyzA1Dfz9ygWxSgh3fD7EUAuQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-06  8:51   ` William ML Leslie

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.gnu.org/software/guile/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAKFjmdza_zD7Syw123sH4U4=7OU30tWbWgj+yWyFsSx9fr0Q7g@mail.gmail.com' \
    --to=ian.a.n.grant@googlemail.com \
    --cc=guile-devel@gnu.org \
    --cc=nalaginrut@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).