Claes Nyberg wrote: > $ cat test.c > int main(int argc,char *argv[]) { > char buf[256]; > > strcpy(buf,argv[1]); > exit(1); > } isn't that source missing a few lines at the top? :) oh, it's not the orignal, argc and argv are "wrong"! you already got some good answers, so i'll just add one question for you: what does exit() return? tricky question don't you think? gera PS: Anyway, don't always believe what everybody said... there are situations where it is exploitable... different platforms, different architectures maybe. And I've seen really creative answers to the problem too -- Gerardo Richarte CORE SECURITY TECHNOLOGIES Florida 141 - 2º cuerpo - 7º piso C1005AAC Buenos Aires - Argentina Tel/Fax: (54 11) 4878-CORE (2673) http://www.corest.com A390 1BBA 2C58 D679 5A71 - 86F9 404F 4B53 3944 C2D0 --- for a personal reply use: Gerardo Richarte <geraat_private>
This archive was generated by hypermail 2b30 : Tue Feb 12 2002 - 14:28:01 PST