Aug 20, 2009, 20:04 (0 Talkback[s])
(Other stories by Steven J. Vaughan-Nichols)
Full Text Search: The Key to Better Natural Language Queries for NoSQL in Node.js
[ Thanks to Steven J.
Vaughan-Nichols for this link. ]
"What he found was that in some network code, there was
a procedure that included a variable that could be set to NULL (no
value at all). Now, this didn't appear to be a problem because the
programmer also included a test which would return an error-message
if the variable turned out to have a NULL value.
"So far, so good. Unfortunately, the gcc code optimizer on
finding that a variable has been assigned a NULL value removed the
test! This left a hole, that didn't exist in the original program.
Using this hole, and code provided by Spengler, any cracker with
sufficient access to a Linux computer could get into the computer's
memory and, from there, get into all kinds of mischief."