This simple program of pointer generating THREAT Warning and identified as MALWARE. I dont see HOW ?
#include<stdio.h>
#include<conio.h>
#include<iostream.h>
int main()
{
int num;
int *ptr;
ptr=#
cout<<ptr;
cout<<ptr++;
cout<<ptr;
cout<<sizeof(num);
getch();
}
Thanx.
Jump to PostWell ... best to avoid C code style and also avoid pointers in C++ unless REALLY needed ... (C++ has pass by reference)
//#include<stdio.h> // #include <cstdio> // but use <iostream> // #include<conio.h> // don't use to have portable code // #include<iostream.h> // use as belowe ... …
Jump to PostIt's a false positive - both Dev-C++ and Dev-Pascal produce these kind of "viruses" when working with pointers.
Probably the executable generated by the compiler is using some "suspicious" method in order to access the memory (a part of the machine code produced by the compiler is probably looking like …
Well ... best to avoid C code style and also avoid pointers in C++ unless REALLY needed ... (C++ has pass by reference)
//#include<stdio.h>
// #include <cstdio> // but use <iostream>
// #include<conio.h> // don't use to have portable code
// #include<iostream.h> // use as belowe ...
#include <iostream>
#include <string> // added ... //
// need this also in C++
// and ok for students simple code to place here
using namespace std;
int main()
{
int num; // all this next stuff is valid code //
int *ptr;
ptr = #
cout << ptr;
//cout << ptr++; // except this !!! //
// cout<<ptr; // ..... NO memory here KNOWN //
cout << sizeof(num);
// getch(); // don't use for portable code ... use
cout << "\nPress 'Enter' to continue/exit ... " << flush;
string dummy;
getline( cin, dummy );
}
@David W: Thanx for your input, also appreciate quality of your code.
But I was trying to understand why it was considered as a threat by AV ? What makes it a threat ?
It's a false positive - both Dev-C++ and Dev-Pascal produce these kind of "viruses" when working with pointers.
Probably the executable generated by the compiler is using some "suspicious" method in order to access the memory (a part of the machine code produced by the compiler is probably looking like the one that viruses use). This method makes the file look like a virus when it's caught by the heuristic scan (from the AV).
So most likely it's because of the compiler.
After ptr is incremented, it is pointing past the end of the stack frame, so if someone had placed some bad data on the stack in the right location, it could execute malicious code when you access it for the next output statment.
After ptr is incremented, it is pointing past the end of the stack frame, so if someone had placed some bad data on the stack in the right location, it could execute malicious code when you access it for the next output statment.
Following code executes well
#include<stdio.h>
#include<conio.h>
#include<iostream.h>
int main()
{
int num;
int *ptr;
ptr=#
cout<<ptr;
cout<<ptr++;
cout<<ptr;
//cout<<sizeof(num);
getch();
}
It is only after considering this ---> cout<<sizeof(num); statement, the Threat warning is generated.
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.