{"id":533,"date":"2015-08-31T12:48:15","date_gmt":"2015-08-31T03:48:15","guid":{"rendered":"http:\/\/naraeon.net\/?p=533"},"modified":"2024-09-24T22:43:38","modified_gmt":"2024-09-24T13:43:38","slug":"%eb%8d%b8%ed%8c%8c%ec%9d%b4%ec%99%80-%ec%8b%9c%ed%81%90%ec%96%b4-%ec%bd%94%eb%94%a9","status":"publish","type":"post","link":"https:\/\/www.naraeon.net\/en\/%eb%8d%b8%ed%8c%8c%ec%9d%b4%ec%99%80-%ec%8b%9c%ed%81%90%ec%96%b4-%ec%bd%94%eb%94%a9\/","title":{"rendered":"\ub378\ud30c\uc774\uc640 \uc2dc\ud050\uc5b4 \ucf54\ub529"},"content":{"rendered":"<p>C\ub85c\ub294 \uc2dc\ud050\uc5b4 \ucf54\ub529 \uad00\ub828\ud55c \uc774\uc57c\uae30\ub4e4\uc774 \uc218\ub3c4 \uc5c6\uc774 \uc313\uc5ec\uc788\uc9c0\ub9cc, \ub378\ud30c\uc774\ub85c\ub294 \ub9ce\uc774 \uc5c6\ub2e4.<br \/>\n<a href=\"http:\/\/tech.devgear.co.kr\/index.php?mid=delphi_qna&#038;category=3447&#038;sort_index=regdate&#038;comment_srl=7333&#038;page=14&#038;document_srl=406010\">\ub370\ube0c\uae30\uc5b4\uc5d0 \uc62c\ub77c\uc628 \ubb38\uc758<\/a>\ub294 \ubb34\uc2dc\ub2f9\ud55c \uac83\uc73c\ub85c \ubcf4\uc778\ub2e4.<\/p>\n<p>\ub378\ud30c\uc774\ub294 \uacfc\uc5f0 \ubcf4\uc548 \uad00\ub828\ud55c \ubb38\uc81c\uac00 \uc5c6\ub294\uac00? \ud558\uba74 \uadf8\ub807\uc9c0 \uc54a\ub2e4. 
\uc0ac\uc2e4 \ub2f9\uc5f0\ud55c \uac8c <a href=\"http:\/\/book.naver.com\/bookdb\/book_detail.nhn?bid=9052197\">\uc790\ubc14 \uc2dc\ud050\uc5b4 \ucf54\ub529 \uac00\uc774\ub4dc<\/a>\ub3c4 \ub098\uc624\ub294 \uc138\uc0c1\uc5d0, \ub124\uc774\ud2f0\ube0c \uc5b8\uc5b4\uac00 \uc548\uc804\ud558\ub9ac\ub77c\uace0 \uc0dd\uac01\ud558\ub294 \uac8c \ub108\ubb34 \uc21c\uc9c4\ud55c \uc0dd\uac01 \uc544\ub2cc\uac00.<\/p>\n<p><a href=\"http:\/\/archive.hack.lu\/2009\/exploiting_delphi.pptx\">\uc774 \uc2ac\ub77c\uc774\ub4dc<\/a>\ub97c \ubcf4\uba74 \uc54c\uaca0\uc9c0\ub9cc \ub378\ud30c\uc774\ub294<\/p>\n<ul>\n<li>\uba85\uc2dc\uc801 \uc678\uacfd \uccb4\ud06c\ub3c4 \uc5c6\uace0(\ubc30\uc5f4 \ub4f1\uc744 [0..X]\ub85c \uc120\uc5b8\ud55c\ub2e4\uace0 \ud574\uc11c \uc800 \ubc94\uc704\ub97c \uccb4\ud06c\ud574 \uc8fc\uc9c0 \uc54a\ub294\ub2e4\ub294 \uc774\uc57c\uae30\ub2e4)<\/li>\n<li>\uc2a4\ud0dd \uce74\ub098\ub9ac\uc544\ub3c4 \uc5c6\uace0(\uc989 \uc2a4\ud0dd\uc744 \uc774\uc6a9\ud55c \uacf5\uaca9\uc5d0 \ubb34\ubc29\ube44\ud558\ub2e4\ub294 \uc774\uc57c\uae30\ub2e4)<\/li>\n<li>SEH \ubc29\uc5b4\ub3c4 \uc5c6\ub2e4<\/li>\n<\/ul>\n<p>\uc2ac\ub77c\uc774\ub4dc\uc5d0\uc11c \ubcf4\uc774\ub4ef \ub378\ud30c\uc774\ub294 2015\ub144 \ud604\uc7ac \ubcf4\uc548 \uba74\uc5d0\uc11c C\uc640 \ube44\uc2b7\ud55c \uc218\uc900\uc784\uc5d0\ub3c4 \ubd88\uad6c\ud558\uace0 \ubcf4\uc548 \uc7a5\uce58\ub294 \ub354 \uc801\ub2e4. \uadf8\ub7fc\uc5d0\ub3c4 \ubd88\uad6c\ud558\uace0 Overflow Checking\uacfc Range Checking\uc744 \ub458 \ub2e4 \ucf24 \uc218\ub294 \uc5c6\ub294 \uac8c, C\uc758 \uc720\uc0ac \uae30\ub2a5\ub9cc\ud07c \uc644\uc804\ud558\uc9c0\ub3c4 \uc54a\uc740 \uae30\ub2a5\ub4e4\uc774 \uc18d\ub3c4\uc5d0 \uc601\ud5a5\uc744 \uc8fc\ub294 \uc218\uc900\uc740 \uc5c4\uccad\ub098\uae30 \ub54c\ubb38\uc774\ub2e4. 
\ub098\ub798\uc628 \ud234 \uac1c\ubc1c \ub3c4\uc911 \ud55c \ubc88 \ucf1c\ubd24\ub2e4\uac00 \ud504\ub85c\uadf8\ub7a8\uc774 \uc5c4\uccad\ub098\uac8c \ub290\ub824\uc9c0\ub294 \ubc14\ub78c\uc5d0 \ub2e4\uc2dc \uaed0\ub358 \uacbd\ud5d8 \uc774\ud6c4, \ud574\ub2f9 \uae30\ub2a5\ub4e4\uc740 \ub098\ub3c4 \uc548 \uc4f0\uace0 \uc788\ub2e4.<\/p>\n<p>\ub378\ud30c\uc774 \uc138\uacc4\ub294 \ub808\uac70\uc2dc \ucf54\ub4dc\uac00 \uc9c0\ubc30\ud558\uae30 \ub54c\ubb38\uc5d0 <a href=\"\/\/ibeblog.com\/2011\/05\/29\/delphi-remove-directory-recursively\/#sthash.rVw7NeGx.dpbs\">2011\ub144<\/a>\uc5d0\ub3c4 <a href=\"\/\/www.delmadang.com\/community\/bbs_view.asp?bbsNo=3&#038;bbsCat=43&#038;indx=196344&#038;page=46\">2004\ub144<\/a>\uc5d0 \uc4f0\ub358 \uc5c4\uccad\ub098\uac8c \uc704\ud5d8\ud55c \ucf54\ub4dc\uac00 \ub3cc\uc544\ub2e4\ub2cc\ub2e4. (\uc548\uc804\ud55c \ucf54\ub4dc\ub97c \ucc3e\ub294\ub2e4\uba74 <a href=\"https:\/\/www.naraeon.net\/%EB%8D%B8%ED%8C%8C%EC%9D%B4%EC%99%80-%EC%8B%9C%ED%81%90%EC%96%B4-%EC%BD%94%EB%94%A9-%EC%95%88%EC%A0%84%ED%95%9C-%EB%94%94%EB%A0%89%ED%86%A0%EB%A6%AC-%EC%A0%9C%EA%B1%B0-%EB%B0%A9%EB%B2%95\/\">\uc774 \ucabd<\/a>\uc774\ub2e4.) \ubcf8\uac00\uc778 C\uc5d0\uc11c\ub3c4 \uc0ac\uc7a5\ub41c\uc9c0 \uc774\ubbf8 \uc624\ub798\ub418\uc5c8\uc73c\ub098, \ub378\ud30c\uc774\ub294 String\ucabd\ub9cc \uc2e0\uacbd\uc4f0\uae30 \ub54c\ubb38\uc5d0 _s \uc635\uc158\uc774 \ubd99\uc740 \uc548\uc804\ud55c \ud568\uc218 \ub530\uc704\ub294 \uc874\uc7ac\ud558\uc9c0 \uc54a\ub294\ub2e4. \uc694\uc998\uc5d0\ub294 \uc5b4\ub5bb\uac8c \ub418\uc5c8\ub294\uc9c0\ub97c \uac80\uc0c9\ud574\ubd24\ub354\ub2c8 StrPCopy\ub294 deprecated \ucc98\ub9ac\ub418\uc5c8\uc73c\ub098, \uadf8 \uc774\uc720\ub294 <a href=\"\/\/stackoverflow.com\/questions\/31076244\/strpcopy-is-deprecated-what-is-the-alternative\">\ub124\uc784\uc2a4\ud398\uc774\uc2a4\uac00 \uc62e\uaca8\uac14\uae30 \ub54c\ubb38<\/a>\uc774\uc9c0 \ubcf4\uc548 \ud568\uc218 \ub54c\ubb38\uc774 \uc544\ub2c8\uc5c8\ub2e4. 
(\ud639\uc2dc \ub378\ud30c\uc774\ub77c\uc11c \ubc94\uc704 \uccb4\ud06c\ub97c \ud574\uc904\uac70\ub77c\uace0 \uc0dd\uac01\ud588\ub2e4\uba74 \uafc8 \uae68\uc2dc\ub77c. <a href=\"http:\/\/docwiki.embarcadero.com\/Libraries\/XE7\/en\/System.AnsiStrings.StrPCopy\">\uc5ec\uae30<\/a>\uc5d0 \ub098\uc624\ub4ef \uc0c8\ub85c\uc6b4 \ub124\uc784\uc2a4\ud398\uc774\uc2a4\uc5d0 \ub4e4\uc5b4\uac04 \ud568\uc218\uc5d0\ub3c4 \ubc94\uc704 \uccb4\ud06c\uac19\uc740 \uac74 \uc5c6\ub2e4.)<\/p>\n<p>\ub378\ud30c\uc774\uc5d0\uc11c \uc81c\uacf5\ud574\uc8fc\uc9c0 \uc54a\ub294 \ubd80\ubd84\uc740 \uc5b4\uca54 \uc218 \uc5c6\ub2e4\uace0 \uce58\uace0, \uc6b0\ub9ac\uac00 \ud560 \uc218 \uc788\ub294 \uae30\ubcf8\uc801\uc778 \uc870\uce58\ub4e4\uc744 \ud655\uc778\ud574\ubcf4\uc790.<\/p>\n<ul>\n<li>NX, ASLR \uc801\uc6a9<br \/>\n\ud504\ub85c\uc81d\ud2b8 \ud30c\uc77c\uc5d0 {$SETPEOPTFLAGS $140}\ub9cc \uc368\uc8fc\uba74 \ub9e4\uc6b0 \uac04\ub2e8\ud558\uac8c \uc801\uc6a9\uc774 \uac00\ub2a5\ud558\ub2e4. ($140 = $0040 IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE(ASLR) + $0100 IMAGE_DLLCHARACTERISTICS_NX_COMPAT(NX)) \ubb34\uc11c\uc6b4 \uc138\uc0c1\uc5d0 \ubcf4\uc548\uc5d0 \uc801\uc796\uc740 \ub3c4\uc6c0\uc744 \uc8fc\ub294 \uae30\ub2a5\ub4e4\uc774\ub2c8 \ub9dd\uc124\uc774\uc9c0 \ub9d0\uace0 \uc801\uc6a9\ud558\uc2dc\ub77c. \ub354\uad70\ub2e4\ub098 \uc801\uc6a9\uc774 \uc5c4\uccad\ub098\uac8c \uac04\ub2e8\ud558\uc9c0 \uc54a\uc740\uac00?<\/li>\n<\/ul>\n<ul>\n<li>strp&#8230;\ub958 \uc0ac\uc6a9 \uae08\uc9c0<br \/>\n\ub378\ud30c\uc774\uc758 \uc8fc\ub825 String\uc740 String \ud615\uc774\uc9c0 PChar\ub958 \ud615\uc774 \uc544\ub2c8\ub2e4. \ucd5c\ub300\ud55c String\uc744 \uc4f4 \ud6c4 \uc815\ub9d0 \ub9c8\uc9c0\ub9c9\uc5d0\ub9cc PChar\ub85c \ubc14\uafd4\uc11c \ub118\uae30\uc2dc\ub77c. \ubc14\uc6b4\ub4dc\ub97c \uc9c0\uc815\ud560 \uc218 \uc788\ub294 StrPL&#8230;\ub958\ub97c \uc4f0\uba74 \ub418\uc9c0 \uc54a\uaca0\ub0d0? 
\ud558\uaca0\uc9c0\ub9cc <a href=\"http:\/\/book.naver.com\/bookdb\/book_detail.nhn?bid=8591354\">C &#038; C++ \uc2dc\ud050\uc5b4 \ucf54\ub529<\/a>\uc5d0\uc11c \uc9c0\uc801\ud558\ub294 \ubc14\uc640 \uac19\uc774 \uc774\ub7f0 \ud568\uc218\ub4e4\uc5d0\ub3c4 \ubb38\uc81c\uac00 \uc788\ub2e4. \ud574\ub2f9 \ubc14\uc6b4\ub4dc\uac00 \ub118\uc5b4\uc11c \ub05d\ub0ac\ub294\uc9c0 \uc544\ub2c8\uba74 \ud574\ub2f9 \ubc14\uc6b4\ub4dc \uc804\uc5d0 \uc815\uc0c1\uc801\uc73c\ub85c \uc885\ub8cc\uac00 \ub418\uc5c8\ub294\uc9c0\ub97c \uc54c \uc218 \uc5c6\ub2e4\ub294 \uc810\uc774\ub2e4. \uc774\ub7f0 \ubb38\uc81c\ub294 \uc2a4\ud2b8\ub9c1 \uc798\ub9bc\uc73c\ub85c \uc778\ud55c \ub2e4\ub978 \ubcf4\uc548 \ucde8\uc57d\uc810\uc744 \ub9cc\ub4e4\uc5b4\ub0bc \uc218 \uc788\ub2e4.<\/li>\n<\/ul>\n<ul>\n<li>64\ube44\ud2b8 \ucef4\ud30c\uc77c<br \/>\nSEH\uac00 64\ube44\ud2b8 \ud50c\ub7ab\ud3fc\uc5d0\uc11c\ub294 <a href=\"http:\/\/www.tortall.net\/projects\/yasm\/manual\/html\/objfmt-win64-exception.html\">\uc2a4\ud0dd\uc774 \uc544\ub2cc PDATA\ub85c \uc62e\uaca8\uac00\uc11c<\/a> 64\ube44\ud2b8 \ucef4\ud30c\uc77c\uc744 \ud558\uac8c \ub418\uba74 SEH \ubc29\uc5b4\uac00 \ud544\uc694\uc5c6\uc5b4\uc9c4\ub2e4. \ud558\uc9c0\ub9cc \uc2a4\ud0dd \uce74\ub098\ub9ac\uc544\uac00 \uc5c6\ub2e4\ub294 \ubb38\uc81c\ub294 64\ube44\ud2b8 \ucef4\ud30c\uc77c\uc5d0\uc11c\ub3c4 \uadf8\ub300\ub85c\uc778 \uac83\uc73c\ub85c \ubcf4\uc778\ub2e4. 
\ub378\ud30c\uc774 \uae30\ubcf8 \ud568\uc218\ub4e4\ub3c4 64\ube44\ud2b8 \ubc84\uc804\ubd80\ud130 SSE \ub4f1 \uc0c8\ub85c\uc6b4 \uba85\ub839\uc5b4 \uc14b\uc744 \uc801\uc6a9\ud558\ub2c8, \uacbd\uc6b0\uc5d0 \ub530\ub77c \uc18c\uc18c\ud55c \uc131\ub2a5 \ud5a5\uc0c1\uc774\ub77c\ub294 \ubd80\uac00\uc801\uc778 \uc774\uc810\ub3c4 \ub204\ub9b4 \uc218 \uc788\ub2e4.<\/li>\n<\/ul>\n<p>\uc774\uc678\uc5d0\ub3c4 \ub9ce\uc740 \ubd80\ubd84\ub4e4\uc774 \uc874\uc7ac\ud558\uc9c0\ub9cc \ub2e4\ub978 \ubd80\ubd84\ub4e4\uc740 \ub530\ub85c \uae00\uc744 \uc4f8 \uc608\uc815\uc774\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>C\ub85c\ub294 \uc2dc\ud050\uc5b4 \ucf54\ub529 \uad00\ub828\ud55c \uc774\uc57c\uae30\ub4e4\uc774 \uc218\ub3c4 \uc5c6\uc774 \uc313\uc5ec\uc788\uc9c0\ub9cc, \ub378\ud30c\uc774\ub85c\ub294 \ub9ce\uc774 \uc5c6\ub2e4. \ub370\ube0c\uae30\uc5b4\uc5d0 \uc62c\ub77c\uc628 \ubb38\uc758\ub294 \ubb34\uc2dc\ub2f9\ud55c \uac83\uc73c\ub85c \ubcf4\uc778\ub2e4. \ub378\ud30c\uc774\ub294 \uacfc\uc5f0 \ubcf4\uc548 \uad00\ub828\ud55c \ubb38\uc81c\uac00 \uc5c6\ub294\uac00? \ud558\uba74 \uadf8\ub807\uc9c0 \uc54a\ub2e4. \uc0ac\uc2e4 \ub2f9\uc5f0\ud55c \uac8c \uc790\ubc14 \uc2dc\ud050\uc5b4 \ucf54\ub529 \uac00\uc774\ub4dc\ub3c4 \ub098\uc624\ub294 \uc138\uc0c1\uc5d0, \ub124\uc774\ud2f0\ube0c \uc5b8\uc5b4\uac00 \uc548\uc804\ud558\ub9ac\ub77c\uace0 \uc0dd\uac01\ud558\ub294 \uac8c \ub108\ubb34 \uc21c\uc9c4\ud55c \uc0dd\uac01 \uc544\ub2cc\uac00. 
\uc774 \uc2ac\ub77c\uc774\ub4dc\ub97c \ubcf4\uba74 \uc54c\uaca0\uc9c0\ub9cc \ub378\ud30c\uc774\ub294 \uba85\uc2dc\uc801 \uc678\uacfd \uccb4\ud06c\ub3c4 \uc5c6\uace0(\ubc30\uc5f4 \ub4f1\uc744 [0..X]\ub85c [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[34,48,31,47],"class_list":["post-533","post","type-post","status-publish","format-standard","hentry","category-delphi-tip","tag-delphi","tag-secure-coding","tag-31","tag-47"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"en","enabled_languages":["kr","en"],"languages":{"kr":{"title":true,"content":true,"excerpt":false},"en":{"title":false,"content":false,"excerpt":false}}},"_links":{"self":[{"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/posts\/533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/comments?post=533"}],"version-history":[{"count":17,"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/posts\/533\/revisions"}],"predecessor-version":[{"id":1872,"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/posts\/533\/revisions\/1872"}],"wp:attachment":[{"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/media?parent=533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/categories?post=533"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.naraeon.net\/en\/wp-json\/wp\/v2\/tags?post=533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}