Vulnerability Development mailing list archives

Re: buffer overflow???

From: scut () NB IN-BERLIN DE (Sebastian)
Date: Sun, 23 Apr 2000 17:40:40 +0200


On Sun, Apr 23, 2000 at 01:00:25AM -0700, Cyber_Bob wrote:

The attachment explains everything inside itself...


I've taken a quick look on the file and the author seems to be totally
clueless about the C language and what about what a pointer is. Also there
are the weirdest type castings, such as (char *) casted to (char **) and
(char []) casted to (char) etc. If you experience something weird when
running this program it is because the author lacked any serious understanding
of what he is doing. (Hint to the author: use the -Wall option when compiling)

Sorry for being harsh, but we shouldn't allow every C newbie who hasn't
understood how C pointers work yet (which I do not claim to be easy however)
mailing their broken programs to this mailing list claiming it could be
an overflow. This irritates other non-experienced users and doesn't benefit
to anyone.

Cyber_Bob (cyberbob () neteze com)


ciao,
scut

--
- scut () nb in-berlin de - http://nb.in-berlin.de/scut/ --- you don't need a --
-- lot of people to be great, you need a few great to be the best ------------
http://3261000594/scut/pgp - 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07
-- data in VK/USA Mayfly experienced, awaiting transfer location, hi echelon -

Current thread:

Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Bob Fiero (Apr 22)
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Ron DuFresne (Apr 22)
  - Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Su Wadlow (Apr 22)
    - buffer overflow??? Cyber_Bob (Apr 23)
    - Re: buffer overflow??? Przemyslaw Frasunek (Apr 23)
    - Re: buffer overflow??? Sebastian (Apr 23)
    - Re: buffer overflow??? Markus Kern (Apr 23)
    - exploit for W98 long filenameextensions buffer overflow. Laurent Eschenauer (Apr 23)
    - Re: buffer overflow??? Blue Boar (Apr 23)
    - Re: Securax Security Advisory: Windows98 contains a seriousbuffer overflow with long filenameextensions. Markus Kern (Apr 23)
- <Possible follow-ups>
- Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Thomas Dullien (Apr 23)
  - Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. John Swensson (Apr 22)
    - Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Ron DuFresne (Apr 22)
    - Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. John Swensson (Apr 22)
    - Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. Su Wadlow (Apr 22)
    - Re: Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions. James Dyson (Apr 23)

(Thread continues...)