Format Strings

The goal with format string testing is to try to inject input into the format string specifier of certain function calls. Refer to Chapter 9.

Sample Test Cases

Test Case         Description
----------------  ------------------------------------------------------------
%n%n%n%n          A long string of %n sequences will alter the stack.
%s%s%s%s          Some implementations don't support %n.
%d and %x         Other common identifiers that could lead to problems.
Review functions  By examining use of functions in Table 9-1 of Chapter 9, Format String Attacks, you can spot these attacks.
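The function review in the last row can be partly automated. The following is an added example, not code from the book: it flags calls to a few well-known printf-family functions whose format argument is not a string literal. The function list, the single-line-call limitation and the sample C source are assumptions made here, since Table 9-1 is not reproduced on this page.

```python
import re

# Assumed list (Table 9-1 is not on this page): function name -> zero-based
# index of its format-string argument.
FORMAT_ARG_INDEX = {"printf": 0, "fprintf": 1, "sprintf": 1,
                    "snprintf": 2, "syslog": 1}
CALL_RE = re.compile(r"\b(%s)\s*\(" % "|".join(FORMAT_ARG_INDEX))

# Constructed sample C source, one call per line.
SAMPLE = '''\
printf(user_input);
printf("%s", user_input);
fprintf(stderr, msg);
snprintf(buf, sizeof(buf), "%d items, %s", n, name);
syslog(LOG_ERR, errtext);
snprintf(buf, sizeof(buf), fmt_from_config, n);
'''

def split_args(text):
    """Split the text following '(' into top-level call arguments."""
    args, cur, depth, in_str, i = [], "", 0, False, 0
    while i < len(text):
        ch = text[i]
        if ch == ")" and depth == 0 and not in_str:
            break                       # closing paren of the call itself
        if ch == "," and depth == 0 and not in_str:
            args.append(cur.strip())
            cur = ""
        else:
            cur += ch
            if in_str and ch == "\\":   # keep escaped char inside a literal
                i += 1
                cur += text[i:i + 1]
            elif ch == '"':
                in_str = not in_str
            elif not in_str:
                depth += (ch == "(") - (ch == ")")
        i += 1
    return args + [cur.strip()]

def find_nonliteral_formats(source):
    """Return (line_no, function, format_argument) for calls to review."""
    findings = []
    for no, line in enumerate(source.splitlines(), 1):
        for m in CALL_RE.finditer(line):
            args = split_args(line[m.end():])
            idx = FORMAT_ARG_INDEX[m.group(1)]
            if idx < len(args) and not args[idx].startswith('"'):
                findings.append((no, m.group(1), args[idx]))
    return findings
```

Each finding is a candidate for manual review, not a confirmed bug: the reviewer still has to determine whether the flagged argument can carry user-controlled data.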



Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
Year: 2004
Pages: 156
