L
%l0 “%l7 registers (SPARC), 217
Last In First Out (LIFO), 5
Last Stages of Delirium, The, (LSD) Polish security researcher group , 392, 469
lda instruction (Alpha), 304
ldl instruction (Alpha), 304
ldq instruction (Alpha), 304
ldw, ldb instruction (Alpha), 304
leaf functions (Solaris), 219
Lee, Doug, creator of dlmalloc, 83
length checks on user input, 395
length of buffers, finding, 89
length specifiers
off_t , 395
size_t , 395
library functions
memcpy , 462
sprintf , 466
strcat , 466
strcpy , 466
strlen , 462 “463
LIFO (Last In First Out), 5
Linux
dynamic linking, 270
ELF file, 107
exception handling, 116
format string bugs , 55
processes, 44 “45
sharefuzz tool, 364
system calls, 36 “37
versions, 501
Linux shellcode
CALL instruction, 49 “50
creating, 50 “53
define byte (DB) directive, 50
defined, 35
exit() , 38 “41
exit_group() , 41 “42
hardcoded addresses, 49
hexadecimal opcodes, 35
injectable, 42 “44
jump instruction, 49
null characters , 42 “44
placeholders, 50 “51
POP ESI instruction, 49 “50
relative addressing, 49 “50
size considerations, 39
spawning, 44 “49
testing, 53
listen system call (Solaris), 222
Litchfield, David
Exploiting Windows NT 4 Buffer Overruns (article), 341
"HackProofing Oracle Application Server" (paper), 407 “408
Non-Stack Based Exploitation of Buffer Overrun Vulnerabilities on Windows NT/2000/XP (article), 341
Oracle extproc overflow, 406 “410
SQL-UDP bugs, 415
LoadLibraryA() Win32 bug, 118
LocalAlloc() function (Windows), 168
LocalFree() function (Windows), 168
locating the process descriptor
stack lookup, 558
sysctl system call, 558 “560
logic errors
generic logic errors, 388
kernel-level, 530
LogonUser() function, 114 “115
loop constructs
binary auditing, 459
buffer overflow vulnerabilities, 392
crackaddr function (Sendmail), 392
for loops , 459 “460
source code auditing, 392
while loops, 459 “460
Lotus Domino view ACL bypass bug, 414
LSD (Last Stages of Delirium), The, Polish security researcher group, 392, 469
