buffer-overflow

I just found out that there is a STATUS_STACK_BUFFER_OVERRUN and a STATUS_STACK_OVERFLOW. What's the difference between those 2? I just found Stack overflow (stack exhaustion) not the same as stack buffer overflow but either it doesn't explain it or I don't understand it. Can you help me out? Regards Tobias Consider the following stack which grows downward in memory: +----------------+ | some data | | +----------------+ | growth of stack | 20-byte string | V +----------------+ limit of stack A buffer overrun occurs when you write 30 bytes to your 20-byte string. This corrupts entries further

Article can be found here . I'm reading up on smashing the stack and have found myself to be getting stuck on example3.c. 0x80004a3 <main+19>: call 0x8000470 <function> 0x80004a8 <main+24>: addl $0xc,%esp 0x80004ab <main+27>: movl $0x1,0xfffffffc(%ebp) 0x80004b2 <main+34>: movl 0xfffffffc(%ebp),%eax The author indicates that we want to skip from 0x80004a8 to 0x80004b2 and that this jump is 8 bytes; how has the author determined this is 8 bytes? I have recreated the code and sent it through objdump and found that it's not 8 bytes (I am on a 64 bit machine but I've made sure to compile using 32

Can there be buffer overflow/overrun vulnerabilities in completely managed asp.net web portal.If yes how can this be tested. Not unless you exploit the webserver or .NET/ASP.NET stack itself. In the general case, you don't need to worry about buffer overruns. This is one of the major advantages of managed code, garbage collection being perhaps the other major advantage. There are a few edge cases that you should be aware of - any time your managed code interacts with unmanaged code (Win32 API calls, COM interop, P/Invoke, etc) there is a potential for buffer overruns in the unmanaged code,

I am trying to do some experiments with buffer overflows for fun. I was reading on this forum on the topic, and tried to write my own little code. So what I did is a small "C" program, which takes character argument and runs until segmentation fault. So I supply arguments until I get a message that I overwrote the return address with "A" which is 41. My buffer character length, in which I copy my input strings is [5]. Here is what I did in gdb. run $(perl -e 'print "A"x32 ; ') Program received signal SIGSEGV, Segmentation fault. 0x0000000000400516 in main (argc=Cannot access memory at address

I'm trying to learn about stack base overflow and write a simple code to exploit stack. But somehow it doesn't work at all but showing only Abort trap on my machine (mac os leopard) I guess Mac os treats overflow differently, it won't allow me to overwrite memory through c code. for example, strcpy(buffer, input) // lets say char buffer[6] but input is 7 bytes on Linux machine, this code successfully overwrite next stack, but prevented on mac os (Abort trap) Anyone know how to perform a simple stack-base overflow on mac machine? include int main(int argc, char **argv) { char buffer[4]; puts(

After some research i haven't found any paper describing method to do this (no even an unreliable one). It seems that SSP (StackSmashing Protection)/Propolice Canary's are a very good security measure for protecting against some buffer overflows. Over the years various Canary implementations have been broken and then made more secure. What is important is that even despite advanced memory protection buffer overflows are still being exploited on Vista, Windows 7 and Fedora 11... One very important thing to mention is that Canary's only protect the function's call frame (which includes the