Other Diversions

security

politics

religion

technology

news

friends

Science / Skepticism


Powered by MT Blogroll

Bookmooch!

Mooch/Give books at bookmooch.com

Current Reading List

Recently Read

Latest Music

Reading Queue

« Beware of 5-star software ratings | Juxtaposition Home | Computer failure causes closure of Seattle downtown transit tunnel »

Avoiding URI comparison security bugs in windows APIs

This post is directly related to some work I'm going to be doing so I was happy to stumble across it in my feed reader. 

Bottom line:  Use IUri::IsEqual. 

Future extra credit:  use Reflector to find out what .Net methods for URI comparison there are and if they marshal to the good or bad methods mentioned here...

IEBlog : URI Comparison Functions

Investigating URI parsing related issues in various products, I’ve run across many instances of code erroneously attempting to compare two URIs for equality. In some cases the author writes their own comparison and seems to be unaware of URI semantics and in other cases the author delegates to a Windows provided function that doesn’t quite work for the author’s scenario. In this blog post I’ll describe some of the unmanaged URI comparison functions available to Win32 developers, and a few common mistakes to avoid.

Posted by on January 1, 2008 4:23 PM | |

TrackBack

TrackBack URL for this entry:
https://juxtaposition.axley.net/blog-bin/mt-tb.cgi/737

Post a comment

«« January 2008

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    
Contact: Jason Axley

Search Amazon:

Amazon Logo

Search


Tag cloud

Archives by Category

Archives

Recent Posts

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.34