Usually occurs when you attempt to copy data into a buffer without checking for sufficient space, causing data to be overwritten in neighboring cells.
36
votes
9 answers
19k views
35
votes
1 answer
2k views
“xor eax, ebp” being used in C++ compiler output
I just tried compiling a couple of C++ snippets on VS2010 and analyzed the executables on IDA Pro. Something I noticed is that most of them have something like the following at the start (shortly ...
32
votes
7 answers
3k views
Writing Secure C and Secure C Idioms
"The average man does not want to be free. He simply wants to be safe." - H. L. Mencken
I am attempting to write very secure C. Below I list some of the techniques I use and ask are they as secure ...
23
votes
8 answers
5k views
What is the difference between a stack overflow and buffer overflow?
What is the difference between stack overflow and buffer overflow in programming?
22
votes
5 answers
2k views
Stack Smashing attempt giving segfault
I am trying to do an example from the Smashing the Stack for Fun and Profit in C, but am kind of stuck at a point,
following is the code (I have a 64-bit machine with Ubuntu 64-bit):
int main()
{
...
20
votes
11 answers
846 views
Consequences of this buffer overflow?
So here I believe I have a small buffer overflow problem I found when reviewing someone else's code. It immediately struck me as incorrect, and potentially dangerous, but admittedly I couldn't explain ...
19
votes
5 answers
2k views
C - how can I invoke buffer overflow [hw, not hacking]?
I got a hw assignment asking me to invoke a function without explicitly calling it, using buffer overflow. The code is basically this:
#include <stdio.h>
#include <stdlib.h>
void g()
{
...
18
votes
1 answer
312 views
Why do I get access violations when a control's class name is very, very long?
I subclassed a control in order so I can add a few fields that I need, but now when I create it at runtime I get an Access Violation. Unfortunately this Access Violation doesn't happen at the place ...
16
votes
1 answer
2k views
How does a NOP sled work?
I've been cracking my head open and can't find a good source that answers this question. I know that a nop sled is a technique used to circumvent stack randomization in a buffer overflow attack, but I ...
15
votes
3 answers
328 views
Special PHP Errors
How can PHP cause memory leaks, buffer overflows, stack overflows and any other errors of such kind? Can PHP even cause such errors?
14
votes
5 answers
2k views
How are buffer overflows used to exploit computers?
How are buffer overflows used to exploit computers?
How is one able to execute arbitrary code simply by causing stack or heap overflows?
I understand that portions of the program's memory are ...
14
votes
3 answers
2k views
Buffer Overflow Attack
I'm trying to execute a very simple buffer overflow attack. I'm pretty much a newbie to this. So, if this question is stupid, please excuse me :-)
The code:
#include<stdio.h>
...
13
votes
11 answers
7k views
What is a buffer overflow and how do I cause one?
I have heard about a buffer overflow and I would like to know how to cause one.
Can someone show me a small buffer overflow example?
New(And what they are used for?)
13
votes
15 answers
8k views
What C/C++ tools can check for buffer overflows? [closed]
I've been asked to maintain a large C++ codebase full of memory leaks. While poking around, I found out that we have a lot of buffer overflows that lead to the leaks (how it got this bad, I don't ever ...
13
votes
11 answers
2k views
What C/C++ functions are most often used incorrectly and can lead to buffer overflows?
I've been asked to maintain a large C++ codebase full of memory leaks. While poking around, I found out that we have a lot of buffer overflows that lead to the leaks (how it got this bad, I don't ever ...