On Tue, 12 Feb 2002, Gerardo Richarte wrote:
> Claes Nyberg wrote:
>
> > $ cat test.c
> > int main(int argc,char *argv[]) {
> > char buf[256];
> >
> > strcpy(buf,argv[1]);
> > exit(1);
> > }
>
> isn't that source missing a few lines at the top? :)
> oh, it's not the orignal, argc and argv are "wrong"!
>
> you already got some good answers, so i'll just add one question for you:
>
> what does exit() return? tricky question don't you think?
>
> gera
>
> PS: Anyway, don't always believe what everybody said... there are situations where it is
> exploitable... different platforms, different architectures maybe. And I've seen really
> creative answers to the problem too
>
It is exploitable under HP-UX PA-RISC 1.1 at least...
Check:
http://www.phrack.org/show.php?p=58&a=11
Zhodiac
This archive was generated by hypermail 2b30 : Thu Feb 14 2002 - 10:45:17 PST