Date: Mon, 18 Oct 2004 02:44:23 +0200 From: cpghost@cordula.ws To: Giorgos Keramidas <keramida@ceid.upatras.gr> Cc: freebsd-questions@freebsd.org Subject: Re: No Buffer Overflow Message-ID: <20041018004423.GB3721@bsdbox.farid-hajji.net> In-Reply-To: <20041018000118.GB664@gothmog.gr> References: <4172F3D2.8040200@uiowa.edu> <20041018000118.GB664@gothmog.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 18, 2004 at 03:01:18AM +0300, Giorgos Keramidas wrote: > The overflow still occurs. You just happen to be overwriting random stack > data. By invoking undefined behavior, after writing past the end of an array, > you shouldn't expect to get predictable results; not even a segmentation fault > is guaranteed. Right. Here's a very good book on this topic, if you're interested: The Shellcoder's Handbook Discovering and Exploiting Security Holes Jack Koziol et. al. Wiley Publishing Inc, ISBN 0-7645-4468-3 http://www.wiley.com/compbooks/koziol/ http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764544683.html > - Giorgos Cheers, -cpghost. -- Cordula's Web. http://www.cordula.ws/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041018004423.GB3721>