Subject: Re: Most Unsecure OS? Yep, It's Linux
From: Tony Williams
Geo. wrote:
> I'm still not clear, is an API the same thing as printf() would be
> considered? Is an API a library function that is part of the language or
> just a published entry point for whatever DLL you happen to write?
Both of the above - if a separate program can call it then it's an API
function. The API itself is the set of all the API functions.
> IOW, I could create a DLL file with an entry point called Geo, but there is
> no geo() function in C++ so this would not count as something you would
> search thru all source code looking for occurrences.
Yes, but if you don't tell anyone else about it then it isn't a *public*
API function and no-one else will be using it, so as far as a discussion of
widespread vulnerabilities goes it might as well be private.
Even so, if geo() were exploited it would be easy to check which programs
used it, either by using something like nm or objdump (?) or simply by
deleting the DLL and seeing what stopped working.
--
Tony
> Geo.
>
> "Tony Williams" wrote in message
> news:3dea5279$1{at}w3.nls.net...
>
>>I take a public API to mean any entry point to a library function
>>(static, shared, DLL or kernel call) which can be used directly by a
>>third party program. I think that's a pretty standard definition.
>>
>>A private subroutine in a program could be vulnerable in its own right
>>or because it uses a public function which has a weakness. By the same
>>token, several API functions could be vulnerable because they also use
>>the same exploitable API function. That includes third-party DLLs (say)
>>which use the API in their own published API.
>>
>>There are also undocumented API calls which, although accessible to
>>third-party programs, aren't officially supported. There was a flap at
>>one time about Microsoft using these to give its own apps an unfair
>>advantage, but that's a different thread.
>>
>>--
>>Tony
>>
>>Geo. wrote:
>>
>>>Ok I understand somewhat but is a public API the same thing as printf() or
>>>is it more like a subroutine in a program where printf() would be part of
>>>that subroutine?
>>>
>>>Geo.
>>>
>>>"Tony Williams" wrote in message
>>>news:3de94098{at}w3.nls.net...
>>>
>>>
>>>>We don't seem to be communicating too well I'll admit. Try this. Given a
>>>>known vulnerability in an app it's easy to get a stack trace of where
>>>>the program is when the exploit happens. From this you can find out
>>>>which, if any, public API function is being exploited. If the exploit
>>>>doesn't involve a public API then it's specific to that app.
>>
>
>
--- BBBS/NT v4.01 Flag-4
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/1.45)
SOURCE: echomail via fidonet.ozzmosis.com
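
The nm check mentioned in the message above, as an added example that is not part of the original post: it lists which binaries import a given function from a shared library. It assumes ELF binaries and GNU nm; `geo` is the hypothetical entry point from the thread, and the paths in the sample are constructed.

```shell
#!/bin/sh
# Added example: find which binaries import a given function, using nm.
# Assumption: ELF objects and GNU nm. "geo" is the thread's hypothetical symbol.

# filter_importers SYMBOL
# Reads `nm -A -D --undefined-only` output on stdin and prints, once each,
# the files that import SYMBOL. Line shape: "<file>:   U <name>[@VERSION]".
filter_importers() {
    awk -v sym="$1" '
        {
            name = $NF
            sub(/@.*$/, "", name)      # drop a version suffix such as @GLIBC_2.2.5
            if (name != sym) next      # exact match: "geo" must not match "geo_init"
            file = $0
            # strip ":<spaces><type> <name>" from the end, leaving the path;
            # U = undefined, w/v = weak undefined
            if (!sub(/:[ \t]+[Uwv][ \t]+[^ \t]+$/, "", file)) next
            if (!(file in seen)) { seen[file] = 1; print file }
        }'
}

# scan_importers SYMBOL DIR...
# Runs nm over every regular file under DIR. Files that are not objects only
# produce messages on stderr, which is discarded.
scan_importers() {
    sym=$1; shift
    find "$@" -type f -exec nm -A -D --undefined-only {} + 2>/dev/null |
        filter_importers "$sym"
}

# Constructed sample of nm output (not captured from a real system).
sample_nm_output() {
    cat <<'EOF'
/opt/app/bin/report:                 U geo
/opt/app/bin/report:                 U printf@GLIBC_2.2.5
/opt/app/bin/other:                 U geo_init
/opt/app/lib/libwrap.so:                 w geo@LIBGEO_1.0
/opt/app/bin/clean:                 U puts@GLIBC_2.2.5
EOF
}

if [ "$#" -ge 2 ]; then
    scan_importers "$@"                       # e.g. ./importers.sh geo /opt/app
else
    sample_nm_output | filter_importers geo   # demo on the constructed sample
fi
```

Libraries that themselves import the symbol (libwrap.so in the sample) show up too, which matters because anything calling their published functions inherits the exposure.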