- 'Twas the night before Christmas, and all through the net,
- not a hacker was stirring, not even FX,
- the servers all hummed in post-purchase daze,
- to await the deluge of gift-card traffic craze,
- The VRT was drinking, three sheets to the wind,
- in order to escape both family and friend,
- Matt, Shong, and Ryan had all left for sushi,
- while somewhere some script kiddy was being real douchey,
- When on Milw0rm was released remote pwn,
- Patrick sprang to his laptop, picked up his cell phone,
- we put down our egg nog, relinquished our tumblers,
- busted out hex editors, checked all the numbers,
- A file template built, Pat now had the vision,
- To find oddness in song tempo, and time division,
- and what in my windbg window should appear,
- but a #DE error, no int overflow here!
- Now checking in IDA, and tweaking edx,
- no memory moved, no additional wrecks,
- not a vuln at all here! Not nearly the same,
- I can't believe we stopped drinking for something so lame!
- The problem's control of four high order bytes,
- when in simple division the quotient's not right,
- the value produced must fit inside a DWORD,
- if the value's too big the proc flips you the bird
- So we've penned you this poem to put you at ease,
- and save you the folly, the stress, (or the tease!),
- so before we get plastered real good and right,
- Merry Christmas to all and to all a good night!
(* In relation to the Windows Media Player "Integer Overflow" posted to milw0rm on Christmas Eve.)
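
The #DE condition the poem describes, as an added C example that is not part of the original post: x86 `div` with a 32-bit divisor divides EDX:EAX and raises a divide error, rather than writing any memory, when the divisor is zero or the quotient cannot fit in a DWORD. The function name and the sample register values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Outcome of an emulated x86 `div r/m32` (unsigned EDX:EAX / divisor). */
enum div_status { DIV_OK, DIV_DE_ZERO, DIV_DE_QUOTIENT };

struct div_result {
    enum div_status status;
    uint32_t quotient;   /* would be written to EAX */
    uint32_t remainder;  /* would be written to EDX */
};

/* Predict what `div` does without executing it, so a triager can tell a
 * clean #DE (process dies, nothing is corrupted) from a wrapped value. */
static struct div_result emulate_div32(uint32_t edx, uint32_t eax, uint32_t divisor)
{
    struct div_result r = { DIV_OK, 0, 0 };

    if (divisor == 0) {
        r.status = DIV_DE_ZERO;
        return r;
    }
    /* The quotient fits in 32 bits only if the high DWORD is smaller than
     * the divisor; otherwise the CPU faults instead of truncating. */
    if (edx >= divisor) {
        r.status = DIV_DE_QUOTIENT;
        return r;
    }
    uint64_t dividend = ((uint64_t)edx << 32) | eax;
    r.quotient  = (uint32_t)(dividend / divisor);
    r.remainder = (uint32_t)(dividend % divisor);
    return r;
}

int main(void)
{
    /* Constructed sample inputs: {EDX, EAX, divisor}. */
    uint32_t cases[][3] = {
        { 0x00000000u, 960000u,     480u },  /* ordinary division          */
        { 0x000001DFu, 0xFFFFFFFFu, 480u },  /* largest quotient that fits */
        { 0x000001E0u, 0x00000000u, 480u },  /* high DWORD == divisor: #DE */
        { 0x00000000u, 1000u,       0u   },  /* divide by zero: #DE        */
    };
    static const char *names[] = { "ok", "#DE (divide by zero)", "#DE (quotient > DWORD)" };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        struct div_result r = emulate_div32(cases[i][0], cases[i][1], cases[i][2]);
        printf("EDX=%08x EAX=%08x / %u -> %s\n", (unsigned)cases[i][0],
               (unsigned)cases[i][1], (unsigned)cases[i][2], names[r.status]);
    }
    return 0;
}
```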