Vulnerability Development mailing list archives
RE: Administrivia: List Announcement
From: "Oliver Lavery" <oliver.lavery () sympatico ca>
Date: Fri, 9 Aug 2002 04:17:26 -0400
True, and a very good point. Need to manually add a NULL as the last character for both buffers. In fact, will the for-loop copy ever NULL terminate the string? Glancing at it again, it doesn't seem so. ~ol
-----Original Message----- From: Shafik Yaghmour [mailto:subs () shafik net] Sent: May 13, 2003 3:22 PM To: xenophi1e Cc: vuln-dev () securityfocus com Subject: Re: Administrivia: List Announcement On 13 May 2003, xenophi1e wrote:We'll kick this off with the first challenge, which was devised by Aaron Adams: strncpy(buf2, p2, SIZE);Off-by-one. Third arg should be SIZE-1 to leave room for the terminating NULL. This error should lead to a heap based vulnerability when the memory is free()d.You are assuming there is a terminating NULL, there may not be. Although in this example it does not make a difference, but in a real world program it would probably be bad. Take care -- Those who dream by day are cognizant of many things which escape those who dream only by night. -Edgar Allan Poe
Current thread:
- RE: Administrivia: List Announcement, (continued)
- RE: Administrivia: List Announcement andrewg (May 13)
- Re: vulndev1.c solution (warning SPOILER) Jose Ronnick (May 13)
- RE: vulndev1.c solution (warning SPOILER) Cameron Brown (May 14)
- Re: vulndev1.c solution (warning SPOILER) Jon Erickson (May 14)
- RE: vulndev1.c solution (warning SPOILER) Cameron Brown (May 15)
- Re: vulndev1.c solution (warning SPOILER) Kenji Cronos (May 15)
- Re: vulndev-1 exploit. Joel Eriksson (May 14)
- Re: vulndev-1 exploit. Joel Eriksson (May 14)
- Re: Administrivia: List Announcement xenophi1e (May 13)
- Re: Administrivia: List Announcement Shafik Yaghmour (May 13)
- RE: Administrivia: List Announcement Oliver Lavery (May 13)
- RE: Administrivia: List Announcement Gustavo Scotti (May 13)
- RE: Administrivia: List Announcement Oliver Lavery (May 13)
- Re: Administrivia: List Announcement Eric Haugh (May 13)
- Re: Administrivia: List Announcement Nexus (May 13)
- Re: Administrivia: List Announcement Shafik Yaghmour (May 13)
- Re: Administrivia: List Announcement Thiago Canozzo Lahr (May 13)
- Re: Administrivia: List Announcement Wynn Fenwick (May 13)
- Re: Administrivia: List Announcement Thiago Canozzo Lahr (May 14)
- Re: Administrivia: List Announcement xenophi1e (May 14)
- RE: Administrivia: List Announcement Michael Wojcik (May 14)