Date: Mon, 18 Oct 2004 02:44:23 +0200
From: cpghost@cordula.ws
To: Giorgos Keramidas
Cc: Jason Dusek
Cc: freebsd-questions@freebsd.org
Subject: Re: No Buffer Overflow
Message-ID: <20041018004423.GB3721@bsdbox.farid-hajji.net>
In-Reply-To: <20041018000118.GB664@gothmog.gr>
References: <4172F3D2.8040200@uiowa.edu> <20041018000118.GB664@gothmog.gr>

On Mon, Oct 18, 2004 at 03:01:18AM +0300, Giorgos Keramidas wrote:
> The overflow still occurs. You just happen to be overwriting random stack
> data. By invoking undefined behavior, after writing past the end of an array,
> you shouldn't expect to get predictable results; not even a segmentation fault
> is guaranteed.

Right. Here's a very good book on this topic, if you're interested:

  The Shellcoder's Handbook
  Discovering and Exploiting Security Holes
  Jack Koziol et al.
  Wiley Publishing Inc, ISBN 0-7645-4468-3
  http://www.wiley.com/compbooks/koziol/
  http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764544683.html

> - Giorgos

Cheers,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
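Why a write past the end of an array can complete with no fault at all, shown as an added example that is not code from this thread. The struct `frame`, its `neighbour` field, the sample input and the function names are constructed for illustration; the struct only models data sitting next to a buffer, since real stack layout is the compiler's choice.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a stack frame: an 8-byte array with another
 * local right after it. Real frame layout is the compiler's choice. */
struct frame {
    char buf[8];
    unsigned int neighbour;
};
#define FRAME_INIT { {0}, 0xdeadbeefu }
static const char INPUT[] = "AAAAAAAAAAAA";   /* constructed: 12 bytes */

/* No check against sizeof buf. buf is the first member, so a byte pointer to
 * the struct is buf's address; capping at the struct's end keeps the demo
 * well-defined C while the write still runs past the end of buf. */
static void unchecked_copy(struct frame *f, const char *src, size_t n)
{
    memcpy((unsigned char *)f, src, n < sizeof *f ? n : sizeof *f);
}

/* Same copy, refusing anything that does not fit in buf. */
static int checked_copy(struct frame *f, const char *src, size_t n)
{
    if (n > sizeof f->buf)
        return -1;
    memcpy(f->buf, src, n);
    return 0;
}

/* 1 if the oversized write completed and silently changed the neighbour. */
int overflow_goes_unnoticed(void)
{
    struct frame f = FRAME_INIT;
    unchecked_copy(&f, INPUT, sizeof INPUT - 1);
    return f.neighbour != 0xdeadbeefu;
}

/* 1 if the bounded copy rejected the same input and left the neighbour alone. */
int bounded_copy_rejects(void)
{
    struct frame f = FRAME_INIT;
    return checked_copy(&f, INPUT, sizeof INPUT - 1) == -1 && f.neighbour == 0xdeadbeefu;
}

int main(void)
{
    printf("unchecked changed neighbour: %d, bounded rejected: %d\n", overflow_goes_unnoticed(), bounded_copy_rejects());
    return 0;
}
```

In a real overflow the bytes after the array belong to whatever the compiler placed there, which is why the outcome ranges from no visible effect to corrupted locals to a crash.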