Vulnerability Development mailing list archives
Re: stackguard-like embedded protection
From: Slawek <sgp () TELSATGP COM PL>
Date: Thu, 7 Sep 2000 12:02:01 +0200
Wednesday, September 06, 2000 8:35 PM +0200, Crispin Cowan wrote:
The attached post by Mike Frantzen of Purdue (cc'd) to Bugtraq is an
excellent
This, of course, would work much better if I actually attached Mike's post
:-) The code you've attached can bypass NULL if it follows % ie. "it's a test string %\0something that will be analised when it souldn't - it can contain additional % .." It cannot be exploited in any way other than allowing *more* parameters to printf then %'s .. or segfaulting :) altho' when you try to code something to secure the program you probably should avoid this ;) Bye, Slawek PS. forward it to Mike Frantzen if you wish
Current thread:
- Re: stackguard-like embedded protection, (continued)
- Re: stackguard-like embedded protection typo (Sep 05)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 05)
- Re: stackguard-like embedded protection Benjamin Karas (Sep 05)
- Re: stackguard-like embedded protection Bluefish (P.Magnusson) (Sep 05)
- Re: stackguard-like embedded protection Greg KH (Sep 05)
- Re: stackguard-like embedded protection Juliano Rizzo (Sep 06)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 05)
- Re: stackguard-like embedded protection H D Moore (Sep 05)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 06)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 06)
- Re: stackguard-like embedded protection Slawek (Sep 07)
- Re: stackguard-like embedded protection antirez (Sep 08)
- Message not available
- Re: stackguard-like embedded protection antirez (Sep 12)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 12)
- Re: stackguard-like embedded protection antirez (Sep 12)
- Re: stackguard-like embedded protection antirez (Sep 12)
- Re: stackguard-like embedded protection Crispin Cowan (Sep 12)
- Re: stackguard-like embedded protection Bluefish (P.Magnusson) (Sep 07)