So far we have only heard of the means how taint information can be introduced to the system, and how it is propagated So without dynamic linking there is no advantage over monolithic applications This section covers components in the sense of the COM and how they are used Now that the system knows what service is requested it backs up the CPU context of the process and starts moving the parameters, pointed to by the EBX register, onto the kernel mode stack gerridae for the code examples throughout this section Since QueryInterface is the only possibility for a client to get a hold of an interface that performs the desired actions, QueryInterface is another major building block of the Component Object Model for the code examples throughout this section gerridaedll if network access is required A more sophisticated algorithm is needed to detect whenever data is written to shared memory regions Once an instruction reads a tainted value, a status flag in the virtual CPU indicates that this instruction produces tainted output gerridaeWe encountered exact copies of the hostname as it was given to the application as well as all uppercase incarnations of the same value in ASCII representation