You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: toy_passwd/README.md
+1-1
Original file line number
Diff line number
Diff line change
@@ -11,4 +11,4 @@ The logic of the program doesn't correspond to an exploit, since some workaround
11
11
### Description
12
12
Code uses a character buffer of 15 allocated bytes to match a password and if it matches the user gets root priveleges (only theoratically). If we input > 15 bytes then the pass variable which is after the allocated character buffer is overwritten and has a non 0 value. Due to this, the password check passes and authentication succeeds even with an incorrect password.
0 commit comments