The bug is reading 64k from x -> x+64k. You'd want the key as low as possible in... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

apaprocki on April 11, 2014 | parent | context | favorite | on: The Heartbleed Challenge

The bug is reading 64k from x -> x+64k. You'd want the key as low as possible in memory so the chance of the heap implementation allocating a request below it (thus allowing the +64k to overlap into the key) is next to nil.

pbhjpbhj on April 11, 2014 [–]

So if your key was at an address less than x the bug would never read it, was my point. So I guess that means you'd have to force the UDP datagram payload to be stored high as that dictates what x is?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact