Security Basics mailing list archives

Re: Integer & Heap overflows?


From: Ron <iago () valhallalegends com>
Date: Thu, 16 Dec 2004 15:53:43 -0600

The book "Hacking: Art of Exploitation" (ISBN: 1593270070) goes into heap overflows, including an example of how to create a root account using a simple one. He also describes shellcode, stack overflows, and format string vulnerabilities, among many other things. Definitely a very good read, highly recommended.

There is a paper on www.phrack.org (one of the last couple issues) that describes Integer overflows in excruciating detail.

Off-by-one, I'm not sure where you can find any information, but all that means is that a program is reading past the end of a list because they start at 1 instead of 0 or vice versa. I don't know much about exploiting it, though, sorry I can't help you there.

If you want a quick definition of Heap overflows, all it means is that you read or write past the end of allocated memory into another piece of allocated memory, belonging to a different variable. That's all it is.

Loptr Chaote wrote:

Hello!

I was wondering if anyone has good papers/websites lying around
describing how Integer overflows and Heap overflows (and also the
"off-by-one"[?] bug, if that is not the same as integer overflow).

I have found several good ones on stack smashing/regular buffer
overflows, but very little on the above mentioned.

Best regards
Loptr Chaote
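
Added example, not part of the original messages: a small C model of the off-by-one and heap overflow definitions given in the reply above, with the buggy loop beside its corrected form. The two "allocations" are simulated as adjacent halves of one array so the overrun stays in defined memory (an assumption; real allocator layouts differ), and all names are made up for illustration.

```c
#include <stdio.h>
#include <string.h>

#define CHUNK 8  /* size of each modelled allocation (constructed value) */

/* Off-by-one: "<=" runs the loop len + 1 times, one byte past the chunk. */
static void fill_buggy(unsigned char *mem, size_t base, size_t len, unsigned char v)
{
    for (size_t i = 0; i <= len; i++)
        mem[base + i] = v;
}

/* Corrected bound: indices 0 .. len - 1 only. */
static void fill_fixed(unsigned char *mem, size_t base, size_t len, unsigned char v)
{
    for (size_t i = 0; i < len; i++)
        mem[base + i] = v;
}

/* Lay out two chunks back to back in one array, fill the first, and count
 * the bytes of the second chunk that no longer hold their original value. */
int neighbour_bytes_changed(int use_buggy)
{
    unsigned char mem[2 * CHUNK];
    int changed = 0;

    memset(mem, 0, CHUNK);            /* chunk A: the buffer being filled */
    memset(mem + CHUNK, 'B', CHUNK);  /* chunk B: a different variable's data */

    if (use_buggy)
        fill_buggy(mem, 0, CHUNK, 'A');
    else
        fill_fixed(mem, 0, CHUNK, 'A');

    for (size_t i = 0; i < CHUNK; i++)
        if (mem[CHUNK + i] != 'B')
            changed++;
    return changed;
}

int main(void)
{
    printf("buggy loop: %d neighbour byte(s) changed\n", neighbour_bytes_changed(1));
    printf("fixed loop: %d neighbour byte(s) changed\n", neighbour_bytes_changed(0));
    return 0;
}
```

Against a real `malloc` buffer the same stray write is undefined behaviour; building with `-fsanitize=address` reports it as a heap-buffer-overflow at the faulting line.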



