| changeset 403 | 92c49c160b24 |
| parent 402 | fb0c844a26cf |
| child 410 | d0a95f3aa65e |
| 402:fb0c844a26cf | 403:92c49c160b24 |
|---|---|
62 Format string attack |
62 Format string attack |
63 |
63 |
64 ./C4 "%s" |
64 ./C4 "%s" |
65 ./C4 `./args4` |
65 ./C4 `./args4` |
66 |
66 |
67 This vulnerability does not need the defences, but prints out |
|
68 the string only correctly with `./args4`. The %s option needs |
|
69 |
|
70 -mpreferred-stack-boundary=2 |
|
67 |
71 |
68 |
72 |
69 ------------------------------------ |
73 ------------------------------------ |
70 |
74 |
71 to switch off address randomization |
75 to switch off address randomization |