4 votes, 1 answer, 129 views

Is this fprintf statement potentially vulnerable?

Here's the statement: fprintf(stderr, "Some random string\n"). Is it okay not to have a format specifier, such as %s, even though the statement doesn't take any user input? Is it still potentially ...
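Added example, not part of the question above or its answer: the literal in the question is safe because the format is a compile-time constant; a format-string bug needs the format itself to come from input, and the directive that turns printing into a memory write is %n. The wrapper below refuses any format that contains %n (the same idea glibc's _FORTIFY_SOURCE applies to writable format strings), and log_untrusted shows the correct way to print attacker-influenced text: constant format, data through %s. Function names are my own.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if fmt contains a %n conversion, 0 otherwise. "%%" is a
 * literal percent sign and is skipped, as are flags, width, precision
 * and length modifiers between the '%' and the conversion character. */
int format_has_percent_n(const char *fmt)
{
    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')                 /* "%%" prints a literal '%' */
            continue;
        while (*p && strchr("-+ #0123456789.*hlLqjzt", *p))
            p++;                       /* skip everything before the conversion */
        if (*p == 'n')
            return 1;
        if (!*p)
            break;                     /* format ended mid-directive */
    }
    return 0;
}

/* fprintf that rejects formats containing %n. Returns -1 on rejection,
 * otherwise the number of characters vfprintf wrote. A constant format
 * such as "Some random string\n" passes unchanged. */
int fprintf_no_n(FILE *stream, const char *fmt, ...)
{
    if (format_has_percent_n(fmt))
        return -1;
    va_list ap;
    va_start(ap, fmt);
    int n = vfprintf(stream, fmt, ap);
    va_end(ap);
    return n;
}

/* The right way to print text an attacker may influence: the format is
 * ours, the text is only ever data. Returns the number of bytes written. */
int log_untrusted(FILE *stream, const char *text)
{
    return fprintf(stream, "%s\n", text);
}

int main(void)
{
    fprintf_no_n(stderr, "Some random string\n");          /* accepted */
    if (fprintf_no_n(stderr, "AAAA%n", (int *)0) < 0)
        fprintf(stderr, "format with %%n rejected\n");
    log_untrusted(stderr, "%x%x%x%n");                      /* printed literally */
    return 0;
}
```

The check only needs to run when the format is not a literal; for a call like the one in the question, where the compiler can see the string, a warning flag such as -Wformat-security is the cheaper control.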
5 votes, 1 answer, 469 views

“Hello World” example of a Buffer Overflow attack in many programming languages

I'm looking for a very simple application that has an intentional Buffer Overflow embedded in it. I'm assuming this is possible in systems where DEP and ASLR are not being used. Ideally (and if ...
4 votes, 2 answers, 685 views

How to get this to buffer overflow?

I'm trying to understand buffer overflow, and am working with a simple piece of code, as below. #include <stdlib.h> #include <stdio.h> #include <string.h> int bof(char *str) { ...
2 votes, 1 answer, 672 views

Stack smashing: keep getting segmentation fault

I have a homework assignment to do stack smashing. The exploit code creates a badfile which the vulnerable file reads, and a buffer overflow occurs. I have already done the 2 commands below to ...
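Added example serving the three questions above (the "Hello World" overflow, the bof() function and the badfile exploit); it is my own code, not from any of the questions or their answers. A real overflow is undefined behaviour and hard to inspect, so the stack frame is modelled as one byte array: a 16-byte buffer, an assumed 8 bytes of padding/saved frame pointer, then the saved return address. The distance between buffer and return slot (24 here) is exactly what gdb is used to measure in practice. Addresses 0x401136 and 0xdeadbeef are made up, and a little-endian 64-bit target such as x86-64 is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE   16
#define RET_OFFSET 24      /* assumed distance from buffer start to saved return */

/* One array standing in for the frame, so overruns stay inspectable. */
struct frame {
    unsigned char mem[RET_OFFSET + sizeof(uintptr_t)];
};

void frame_init(struct frame *f, uintptr_t ret)
{
    memset(f->mem, 0, sizeof f->mem);
    memcpy(f->mem + RET_OFFSET, &ret, sizeof ret);
}

uintptr_t frame_ret(const struct frame *f)
{
    uintptr_t v;
    memcpy(&v, f->mem + RET_OFFSET, sizeof v);
    return v;
}

/* The bug in the bof() question: strcpy(buffer, str) copies strlen(str)+1
 * bytes and never looks at the 16-byte buffer. Clamped to the frame's
 * own size only so the model never leaves its array; real strcpy
 * keeps going. */
void bof_unsafe(struct frame *f, const char *str)
{
    size_t n = strlen(str) + 1;
    if (n > sizeof f->mem)
        n = sizeof f->mem;
    memcpy(f->mem, str, n);
}

/* The fix: refuse anything that does not fit including the NUL. */
int bof_safe(struct frame *f, const char *str)
{
    size_t n = strlen(str);
    if (n >= BUF_SIZE)
        return -1;
    memcpy(f->mem, str, n + 1);
    return 0;
}

/* The badfile layout: RET_OFFSET bytes of filler, then the new return
 * address in native byte order. strcpy stops at the first NUL, so the
 * address goes last; its upper zero bytes end the copy, and the saved
 * return's own upper bytes (zero on x86-64) are left in place. Returns
 * the number of bytes strcpy would copy before the NUL. */
size_t build_payload(unsigned char *out, size_t out_len, uintptr_t target)
{
    if (out_len < RET_OFFSET + sizeof target + 1)
        return 0;
    memset(out, 'A', RET_OFFSET);
    memcpy(out + RET_OFFSET, &target, sizeof target);
    out[RET_OFFSET + sizeof target] = '\0';
    return strlen((const char *)out);
}

/* Run the copy with made-up addresses and return the saved return
 * address afterwards: 0x401136 is the legitimate return site,
 * 0xdeadbeef the attacker's target. */
uintptr_t run_demo(int use_safe)
{
    struct frame f;
    unsigned char payload[64];
    frame_init(&f, 0x401136);
    build_payload(payload, sizeof payload, 0xdeadbeef);
    if (use_safe)
        bof_safe(&f, (const char *)payload);     /* rejected, frame untouched */
    else
        bof_unsafe(&f, (const char *)payload);   /* return address replaced */
    return frame_ret(&f);
}

int main(void)
{
    printf("strcpy version:  saved return = 0x%lx\n", (unsigned long)run_demo(0));
    printf("checked version: saved return = 0x%lx\n", (unsigned long)run_demo(1));
    return 0;
}
```

The segmentation fault in the third question is what this model cannot show: once the saved return really is 0xdeadbeef, ret jumps there, and unless that address holds the intended code the process dies. Getting RET_OFFSET right for the real binary, with the compiler's stack protector and ASLR disabled as the first question assumes, is the whole exercise.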
1 vote, 1 answer, 173 views

Determining the target address in a heap overflow

For a heap overflow to occur and arbitrary code to be executed, the function free() performs the step : hdr->next->next->prev = hdr->next->prev I understand that the address of ...
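Added example, not from the question or its answer: the store quoted above, plus its mirror store, is the classic unlink operation, and the target address follows from the struct layout. The first store writes victim->prev into the prev field of whatever victim->next points at, so to hit an address A the overflow sets next = A - offsetof(struct hdr, prev) and prev = the value to plant. The model below keeps only the two links (real allocators add size fields and integrity checks that modern glibc uses to refuse exactly this) and performs the write against malloc'd scratch memory so every store is well-defined. Names are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Minimal free-list header: only the links the quoted store touches. */
struct hdr {
    struct hdr *next;
    struct hdr *prev;
};

/* What free() does to remove hdr->next from the doubly linked list:
 * the store quoted in the question, plus its mirror. */
void unlink_next(struct hdr *hdr)
{
    struct hdr *victim = hdr->next;
    victim->next->prev = victim->prev;   /* hdr->next->next->prev = hdr->next->prev */
    victim->prev->next = victim->next;   /* hdr->next->prev->next = hdr->next->next */
}

/* The target-address rule: the first store lands at next + offsetof(prev),
 * so point next that many bytes before the slot you want to overwrite. */
uintptr_t fake_next_for(uintptr_t slot_addr)
{
    return slot_addr - offsetof(struct hdr, prev);
}

struct unlink_result {
    uintptr_t slot_value;    /* what the target slot holds afterwards */
    uintptr_t tramp_addr;    /* the value we wanted planted there */
    uintptr_t tramp_first;   /* first word of tramp after the mirror store */
    uintptr_t fake_next;     /* the pointer the mirror store leaves there */
};

#define SLOT_OFF 8           /* where the pointer to hijack sits in region */

/* region stands for the memory holding the pointer to hijack (a GOT
 * entry, say); tramp for the attacker's writable buffer that the
 * hijacked pointer should end up pointing at. */
struct unlink_result run_unlink_demo(void)
{
    unsigned char *region = calloc(64, 1);
    unsigned char *tramp  = malloc(64);
    memset(tramp, 0x90, 64);              /* filler standing in for a nop sled */

    struct hdr fake;                      /* the header the overflow wrote */
    fake.next = (struct hdr *)fake_next_for((uintptr_t)(region + SLOT_OFF));
    fake.prev = (struct hdr *)tramp;      /* value that will land in the slot */

    struct hdr chunk = { &fake, NULL };   /* chunk being freed, linked to fake */
    unlink_next(&chunk);

    struct unlink_result r;
    memcpy(&r.slot_value, region + SLOT_OFF, sizeof r.slot_value);
    memcpy(&r.tramp_first, tramp, sizeof r.tramp_first);
    r.tramp_addr = (uintptr_t)tramp;
    r.fake_next  = (uintptr_t)fake.next;
    free(region);
    free(tramp);
    return r;
}

int main(void)
{
    struct unlink_result r = run_unlink_demo();
    printf("slot now holds 0x%lx, tramp is at 0x%lx\n",
           (unsigned long)r.slot_value, (unsigned long)r.tramp_addr);
    printf("first word of tramp clobbered with 0x%lx (fake next)\n",
           (unsigned long)r.tramp_first);
    return 0;
}
```

The mirror store is the catch: it writes the fake next pointer into the first word of the planted value, which is why the planted address must be writable and why classic payloads begin with a short jump over those clobbered bytes.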
3 votes, 1 answer, 907 views

Why do I get “Cannot find bound of current function” when I overwrite the ret address of a vulnerable program?

I want to exploit a stack based buffer overflow for education purposes. There is a typical function called with a parameter from main which is given as input from the program and a local buffer where ...
14 votes, 4 answers, 643 views

Does compiling from sources “kinda” protect from buffer overflow attacks?

While discussing buffer overflows, somebody told me that compiling your own binary for an application (with specific compilation flags) instead of using the "mainstream binary" makes it more ...
10 votes, 7 answers, 1k views

Secure memcpy for pure C

Buffer overflows are nothing new. And yet they still appear often, especially in native (i.e. not managed) code... Part of the root cause, is usage of "unsafe" functions, including C++ staples ...
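Added example, not from the question or any of its answers: a bounds-checked memcpy and strcpy in plain C99, in the spirit of C11 Annex K memcpy_s but without relying on a libc that ships it. The caller passes the destination's size, copies that would not fit are refused with ERANGE, overlapping regions (which memcpy's contract forbids) with EINVAL, and on any error the destination is left untouched rather than zeroed as Annex K does. Function names are my own.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* memcpy with an explicit destination size. Returns 0 on success,
 * EINVAL for NULL pointers or overlapping regions, ERANGE when n bytes
 * do not fit in dest_size. dest is untouched on error. */
int memcpy_checked(void *dest, size_t dest_size, const void *src, size_t n)
{
    if (dest == NULL || src == NULL)
        return EINVAL;
    if (n > dest_size)
        return ERANGE;
    /* Overlap test on integer addresses: comparing pointers into
     * different objects is undefined in C, comparing uintptr_t is not. */
    uintptr_t ds = (uintptr_t)dest, de = ds + n;
    uintptr_t ss = (uintptr_t)src,  se = ss + n;
    if (n != 0 && ds < se && ss < de)
        return EINVAL;
    memcpy(dest, src, n);
    return 0;
}

/* strcpy with an explicit destination size. Never reads src past
 * dest_size bytes, so an unterminated src cannot cause an over-read,
 * and always leaves dest NUL-terminated on success. */
int strcpy_checked(char *dest, size_t dest_size, const char *src)
{
    if (dest == NULL || src == NULL || dest_size == 0)
        return EINVAL;
    size_t len = 0;
    while (len < dest_size && src[len] != '\0')
        len++;
    if (len == dest_size)          /* no room for the terminator */
        return ERANGE;
    memcpy(dest, src, len + 1);
    return 0;
}
```

The design point is that the size travels with the destination rather than with the source: a wrong source length can only make the call fail, not overrun. Whether an oversized input should fail loudly or be truncated is a policy choice; failing is safer for anything later parsed, since silent truncation can itself become a bug.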