Archive for January 2012

Widthness Overflow – What? Where? How? Why?

  • Post Info:
      # Author: Flavio do Carmo Junior aka waKKu
      # URL: Author’s Webpage
      # Date: January 28, 2012
      # Category: Assembly, Exploiting, Programming, Security

    As I said in my last post…

    I will be writing 3 quick and quite straightforward posts this week.
    All (partially) inspired by this video: http://www.youtube.com/watch?v=i2fhNVQPb5I (I am a C Programmer) and all about stack overflows.

    – 1) Signedness bug
    – 2) Widthness overflow
    – 3) Pointer Subterfuge

    Nothing new, I suppose; however, as usual, I look forward to demystifying them completely. So if you have any doubts about any of these bugs, please feel free to comment, elaborate on my explanation, or even curse me for my mistakes.
    All code will be compiled for 32 bits, just because I think it is easier to understand and to test using VMs.

    2) Widthness Overflow

    Overview
    – Widthness overflow bugs are exactly what the name says. They are very similar to the signedness bugs seen in my last post.
    Imagine we have a field that must be small and controllable. Stingy as we are, we could declare a 1-byte variable (char) to save some space. The example is 1 byte long, although it could be a variable of any size, as long as it is not the maximum size/width (otherwise it would be impossible to overflow).

    Code Example:
    Read the rest of this entry »

    Posted January 28, 2012 by waKKu in Assembly, Exploiting, Programming, Security

    Signedness Bugs – What? Where? How? Why?

  • Post Info:
      # Author: Flavio do Carmo Junior aka waKKu
      # URL: Author’s Webpage
      # Date: January 28, 2012
      # Category: Assembly, Exploiting, Programming, Security

    Hey guys, how are you doing? Hope everyone is OK.

    I will be writing 3 quick and quite straightforward posts this week.
    All (partially) inspired by this video: http://www.youtube.com/watch?v=i2fhNVQPb5I (I am a C Programmer) and all about stack overflows.

    – 1) Signedness bug
    – 2) Widthness overflow
    – 3) Pointer Subterfuge

    Nothing new, I suppose; however, as usual, I look forward to demystifying them completely. So if you have any doubts about any of these bugs, please feel free to comment, elaborate on my explanation, or even curse me for my mistakes.
    All code will be compiled for 32 bits, just because I think it is easier to understand and to test using VMs.

    1) Signedness Bug

    Overview
    – Signedness bugs are bugs caused by miscalculations during the coding process. Sometimes we decide to “save” bytes while coding and don’t have a full understanding of what really happens under the hood.

    Code Example:
    Read the rest of this entry »

    Posted January 28, 2012 by waKKu in Assembly, Exploiting, Programming, Security