3 Replies - 221 Views - Last Post: 25 October 2012 - 04:48 PM Rate Topic: -----

#1 Midwest Product  Icon User is offline

  • D.I.C Head

Reputation: 2
  • View blog
  • Posts: 74
  • Joined: 05-February 10

Simple examples of exploitable/nonexploitable buffer overflows

Posted 02 October 2012 - 04:45 AM

Hello, I'm trying to find examples of simple exploitable/nonexploitable buffer overflows. Does anyone have one?

For example, would this be an exploitable buffer overflow?

Char destination[5];
char *source = "LARGER";
strcopy(destination, source);


Is This A Good Question/Topic? 0
  • +

Replies To: Simple examples of exploitable/nonexploitable buffer overflows

#2 Salem_c  Icon User is offline

  • void main'ers are DOOMED
  • member icon

Reputation: 1687
  • View blog
  • Posts: 3,206
  • Joined: 30-May 10

Re: Simple examples of exploitable/nonexploitable buffer overflows

Posted 02 October 2012 - 06:12 AM

> Hello, I'm trying to find examples of simple exploitable/nonexploitable buffer overflows
If there is any buffer overflow, then the program is screwed anyway. So can there be any case which is "non-exploitable"?

I mean, you may not be able to run arbitrary code with a carefully crafted buffer, but causing it to crash counts as denial of service.

Further, any example would be highly specific to a given implementation, and likely to be patched before most people are aware that it even existed.
Was This Post Helpful? 0
  • +
  • -

#3 baavgai  Icon User is offline

  • Dreaming Coder
  • member icon

Reputation: 5846
  • View blog
  • Posts: 12,705
  • Joined: 16-October 07

Re: Simple examples of exploitable/nonexploitable buffer overflows

Posted 02 October 2012 - 06:40 AM

Yes. You crash.

To exploit an overrun, you generally want to be the one writing data into the buffer. There is then a chance you can make the program continue executing somewhere not intended.

However, all scenarios require a compiled program to abuse. All you've shown is potential for abuse.
Was This Post Helpful? 0
  • +
  • -

#4 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 9278
  • View blog
  • Posts: 34,789
  • Joined: 12-June 08

Re: Simple examples of exploitable/nonexploitable buffer overflows

Posted 25 October 2012 - 04:48 PM

Agreed.

Closing.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1