Secure Coding mailing list archives

Re: Off-by-one errors: a brief explanation


From: Mads Rasmussen <mads () opencs com br>
Date: Fri, 07 May 2004 17:51:15 +0100


Yves Younan wrote:

More details in "Once upon a free()" by 'anonymous' in Phrack 57 article
9 http://www.phrack.org/show.php?p=57&a=9 and in my master's thesis, page
48, http://fort-knox.org/thesis.php.


I liked your thesis very much. Actually, I was more interested in how to
detect the vulnerabilities than in the vulnerabilities themselves. It's fun to
play around with buffers to run shell code and such, but it is harder to
devise tools or knowledge to detect these errors.


I found your references really interesting. Here are some links, some of
them not included in the thesis.


Frank Piessens,
<http://www.cs.kuleuven.ac.be/~frank/publications.htm>

A Buffer Overflow Study Attacks & Defenses
by Pierre-Alain Fayolle, Vincent Glaume
http://www.securityfocus.com/data/library/report.pdf

Practical Code Auditing
Lurene A. Grenier
<http://www.daemonkitty.net/lurene/papers/Audit.pdf>

Regards,

Mads





