<<< Date Index >>>     <<< Thread Index >>>

Re: [EXPL] (MS04-031) NetDDE buffer overflow vulnerability PoC



On Fri, Dec 31, 2004 at 07:09:02PM +0100, Alberto Garcia Hierro wrote:
> +#define Sleep(x) sleep(x)

This isn't the same thing: under Win32, Sleep is in *milliseconds*, while on
UNIX it's *seconds* - that's going to take a long, long time if you run this.

#ifdef unix
#  ...
#  define Sleep(x)      sleep(((x)+500)/1000)
#  ...
#endif

-- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve@xxxxxxxxxxx