On 01-Mar-2000 Derek Callaway wrote:
> (gdb) #0 getenv (name=0x40111a70 "") at ../sysdeps/generic/getenv.c:88
> From this gdb session, it appears that there _could_ be a problem with
> the way that glibc's time functions behave.

No. getenv() fails because *envp, argc, **argv are AFTER the pathname[] buffer
and get overwritten. Of course, it is still exploitable.

--
* Fido: 2:480/124 ** WWW: http://www.freebsd.lublin.pl ** NIC-HDL: PMF9-RIPE *
* Inet: [EMAIL PROTECTED] ** PGP: D48684904685DF43 EA93AFA13BE170BF *
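Added example, not part of the original message and not taken from dump's source: a constructed C model of the layout described in the reply above, showing that an unchecked copy into pathname[] also overwrites the adjacent envp pointer, while a length check leaves it intact. PATHNAME_LEN, struct layout and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define PATHNAME_LEN 16            /* constructed size, not dump's real one */

/* Constructed stand-in for the described layout: envp follows pathname[]. */
struct layout {
    char   pathname[PATHNAME_LEN];
    char **envp;
};

/* Unchecked copy: len is trusted (clamped to the struct only for the demo). */
static void copy_unchecked(struct layout *l, const char *src, size_t len)
{
    if (len > sizeof *l)
        len = sizeof *l;
    memcpy(l, src, len);
}

/* Checked copy: refuses input that does not fit pathname[] plus its NUL. */
static int copy_checked(struct layout *l, const char *src, size_t len)
{
    if (len >= sizeof l->pathname)
        return -1;
    memcpy(l->pathname, src, len);
    l->pathname[len] = '\0';
    return 0;
}

/* Returns 1 if envp keeps its original value after the copy, 0 if clobbered. */
static int envp_survives(int checked, size_t len)
{
    static char *env[] = { "TZ=UTC", NULL };   /* constructed environment */
    char **expected = env;
    char input[sizeof(struct layout)];
    struct layout l = { "", env };
    memset(input, 'A', sizeof input);
    if (checked)
        (void)copy_checked(&l, input, len);
    else
        copy_unchecked(&l, input, len);
    return memcmp(&l.envp, &expected, sizeof expected) == 0;
}

int main(void)
{
    printf("unchecked: envp intact = %d\n", envp_survives(0, sizeof(struct layout)));
    printf("checked:   envp intact = %d\n", envp_survives(1, sizeof(struct layout)));
    return 0;
}
```

Once envp no longer holds a valid pointer, any later environment lookup dereferences filler bytes, which matches the getenv() frame in the quoted gdb output.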