How To Identify Buffer Underwrite Vulnerabilities

From Guidance Share
Jump to navigationJump to search

The following is an example of code that may result in a buffer underwrite, should find() returns a negative value to indicate that ch is not found in srcBuf: 

int main() {
... 
strncpy(destBuf, &srcBuf[find(srcBuf, ch)], 1024);
...
}

If the index to srcBuf is somehow under user control, this is an arbitrary write-what-where condition.

Retrieved from "http://guidanceshare.com/index.php?title=How_To_Identify_Buffer_Underwrite_Vulnerabilities&oldid=4681"