This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: buffer overflow on cygwin vs solaris.

From: Brian Dessent <brian at dessent dot net>
To: cygwin at cygwin dot com
Date: Wed, 16 Nov 2005 19:23:34 -0800
Subject: Re: buffer overflow on cygwin vs solaris.
References: <7D40F487BB77314D8392F8C910348F6054E4E0@ZMY16EXM65.ds.mot.com>
Reply-to: cygwin at cygwin dot com

Song Ken Vern-E11804 wrote:

>    for (i=0; i<=4028; i++)
>        buffer[i]='A';

Wow.  That's some horrible code.  Hasn't this person heard of memset()?

> On Solaris, it does.
> 
> How do I get the core dump equivalent on cygwin installation?

That's because you're trying to exploit a bug in Solaris.  Cygwin is not
Solaris.  It does not have this vulnerability.  This is a good thing. 
Ideally Cygwin (and any other library for that matter) would have zero
exploitable buffer overflows.  And even if it did, you most certainly
can't expect to use shellcode intended for Solaris under Cygwin.  They
aren't even remotely similar under the hood, so don't expect a single
thing on that page to work.  You'll need to use win32 shellcode
techniques.

If you want to play around with buffer overflows, I suggest that you
create your own buffer and overflow it.  And find a better guide.  There
are plenty of win32-oriented guides to overflowing buffers and executing
your code.

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

References:
- buffer overflow on cygwin vs solaris.
  - From: Song Ken Vern-E11804

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]