OMG, Buffer overrun!!!!
-
OMG, I found a buffer overrun bug in my software (been a long time since that last one too). I really hope Slashdot and The Register don't hear about it. Even though my software isn't internet enabled and the bug was in the local user UI, you never can tell what Slashdot and The Register might report.... "No good story goes unfictionalized" (LOL, doubt that is even a word) BTW, that is also Oliver Stone's motto.
Tim Smith
I know what you're thinking punk, you're thinking did he spell check this document? Well, to tell you the truth I kinda forgot myself in all this excitement. But being this here's CodeProject, the most powerful forums in the world and would blow your head clean off, you've got to ask yourself one question, Do I feel lucky? Well do ya punk?
-
Tim Smith wrote: I found a buffer overrun bug in my software
How do you effectively detect buffer overflows? Is there a tool that helps in doing that?
Nish
One Nish is trouble enough.
Imagine 16 of me, dancing wild...
:jig::jig::jig::jig:
:jig::jig::jig::jig:
:jig::jig::jig::jig:
:jig::jig::jig::jig:
-
* BOOM * Experience!!! User: "After I added another item to the list, BOOM" Really, we are talking first grader bug here. The ones where the software just acts strange is the worst of all. Oh, and the new VC7 buffer overrun check works GREAT. :)
Tim Smith
-
Tim Smith wrote: Oh, and the new VC7 buffer overrun check works GREAT.
That is good news, I can't wait to get VC7 now :-)
Regardz Colin J Davies
Sonork ID 100.9197:Colin Testing Current Sig <:jig:>
-
Thanks Tim. But I was basically talking about the remotely exploitable ones through our socket connections :-)
Nish
-
Colin Davies wrote: That is good news, I can't wait to get VC7 now
Me too.
Nish
-
You asking how do hackers find these?
Tim Smith
-
Tim Smith wrote: You asking how do hackers find these?
Yeah. Like how do they know that a HELO followed by 300 bytes would crash an SMTP daemon??? Do they keep trying by trial and error? Or do they look at the disassembled source code?
Nish
Yeah that's me down below ;-)
-
First off, you can look for things like calls to memcpy, memmove, strcpy. If they have been optimized into the code, you can look for the machine instructions. Then with a little work, you can try to figure out if it might overflow onto the return address in the stack.
Tim Smith
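The overflow asked about above (a HELO followed by 300 bytes) and the strcpy pattern named in the answer, as an added C example that is not part of the original thread. `HELO_MAX`, `helo_unsafe`, `helo_checked` and `try_helo` are hypothetical names, and the 64-byte buffer is an assumed size.

```c
#include <stddef.h>
#include <string.h>

#define HELO_MAX 64   /* assumed size of the daemon's fixed hostname buffer */

/* The pattern the thread describes: a fixed stack buffer filled by strcpy.
 * A 300-byte HELO argument writes past host[] toward the saved return
 * address. Shown for comparison only; never called here. */
void helo_unsafe(const char *line)
{
    char host[HELO_MAX];
    strcpy(host, line + 5);          /* no length check */
    (void)host;
}

/* Hardened form: measure first, reject what does not fit, then copy.
 * Returns 0 on success, -1 for a malformed or oversized command. */
int helo_checked(const char *line, char *host, size_t host_size)
{
    size_t len;

    if (line == NULL || host == NULL || host_size == 0)
        return -1;
    if (strncmp(line, "HELO ", 5) != 0)
        return -1;

    line += 5;
    len = strcspn(line, "\r\n");     /* argument ends at CR/LF or NUL */
    if (len == 0 || len >= host_size)
        return -1;                   /* empty, or would overflow host[] */

    memcpy(host, line, len);
    host[len] = '\0';
    return 0;
}

/* Constructed input: "HELO " followed by n 'A' bytes and CRLF. */
int try_helo(size_t n)
{
    char line[512] = "HELO ";
    char host[HELO_MAX];

    if (n > sizeof line - 8)
        return -1;
    memset(line + 5, 'A', n);
    memcpy(line + 5 + n, "\r\n", 3);
    return helo_checked(line, host, sizeof host);
}
```

The boundary is the useful case to check by hand: a 63-byte argument fits with its terminator, a 64-byte one does not.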
-
try splint. it's supposed to be a version of lint, and they call it "Secure Programming Lint" or some such thing. i haven't used it though, and also forgot where on the net i found it and why i remember it even, but a simple search on google should do it. :) hmm... impuzible