Hi,
On Sun, Mar 06, 2005 at 02:23:08PM +0100, Ulf Harnhammar wrote:
> You can check if it's a stack-based buffer overflow by doing this in
> gdb and seeing if the value of EIP is 0x41414141.
>
> $ export HOME=`blah`
> $ gdb program
> (gdb) r
> [crashes horribly]
> (gdb) bt
> (gdb) i r
> (gdb) q
>
> You might have to try lots of sizes other than 1000 to reach a state
> where you control all of EIP.
Please elaborate. Why exactly 0x41414141 and how or why do I control
all of EIP? Do you know any good introductory papers/URLs about this?
> We have found a bunch of these bugs, and we just file bugs for them.
OK, I'll file bug-reports for such things then.
Uwe.
--
Uwe Hermann <uwe_at_hermann-uwe.de>
http://www.hermann-uwe.de | http://www.crazy-hacks.org
http://www.it-services-uh.de | http://www.phpmeat.org
http://www.unmaintained-free-software.org | http://www.holsham-traders.de
Received on Thu Mar 10 2005 - 12:28:01 GMT
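As an added illustration of the exchange above (not code from either message in this thread): the unsafe pattern that produces the crash Ulf describes, beside a bounded version that rejects an oversized HOME, plus a small helper answering Uwe's question about why EIP reads 0x41414141. The buffer size, function names and the 1000-byte sample value are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HOME_BUF 256   /* assumed buffer size; the real program's is unknown */

/* "Before": the pattern behind the crash in the thread. A fixed stack buffer
 * is filled by an unbounded copy of an environment variable the user controls.
 * With HOME longer than HOME_BUF the copy runs past buf into the saved return
 * address; if those bytes are 'A' (0x41) the function returns to 0x41414141,
 * the EIP value the gdb recipe looks for. Never call it with an oversized HOME. */
void unsafe_home_copy(void) {
    char buf[HOME_BUF];
    const char *home = getenv("HOME");
    if (home == NULL)
        return;
    strcpy(buf, home);   /* no length check: overflow if strlen(home) >= HOME_BUF */
    printf("home: %s\n", buf);
}

/* "After": bounded copy that rejects oversized input instead of silently
 * truncating it. Returns 0 on success, -1 if home is unset or does not fit. */
int safe_home_copy(char *dst, size_t dstsz, const char *home) {
    if (home == NULL || dstsz == 0)
        return -1;
    size_t n = strlen(home);
    if (n >= dstsz)      /* leave room for the terminating NUL */
        return -1;
    memcpy(dst, home, n + 1);
    return 0;
}

/* Why 0x41414141: four copies of the fill byte read back as one 32-bit word,
 * just as the CPU reads the clobbered return address (endianness is moot). */
uint32_t fill_word(char c) {
    unsigned char b[4] = { (unsigned char)c, (unsigned char)c, (unsigned char)c, (unsigned char)c };
    uint32_t w;
    memcpy(&w, b, sizeof w);
    return w;
}

int main(void) {
    char dst[HOME_BUF], big[1001];  /* constructed: a 1000-byte HOME, as in the thread */
    memset(big, 'A', 1000);
    big[1000] = '\0';
    printf("fill_word('A') = 0x%08x\n", (unsigned)fill_word('A'));
    printf("1000-byte HOME fits? %s\n", safe_home_copy(dst, sizeof dst, big) == 0 ? "yes" : "no");
    return 0;
}
```

Running it under gdb with the bounded copy in place yields no crash and no 0x41414141 in EIP; with the unbounded copy and a long HOME, the backtrace Ulf describes appears.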