> ProPolice is not magical, though. There are plenty of cases where it is > totally inefficient. To illustrate a very common one : > [snip oflow of 5-byte buffer] This particular case ``works'' because, by design, propolice will not attempt to protect structures smaller than 16 bytes. This can be changed by a simple gcc recompilation... and it's probably worth doing. Miod
