Jump to content

Talk:Heap overflow

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by ChrisGualtieri (talk | contribs) at 16:47, 5 December 2013 (Article Class assessment using AWB). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
WikiProject iconComputer security: Computing Start‑class
WikiProject iconThis article is within the scope of WikiProject Computer security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer securityWikipedia:WikiProject Computer securityTemplate:WikiProject Computer securityComputer security
StartThis article has been rated as Start-class on Wikipedia's content assessment scale.
???This article has not yet received a rating on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing.
Things you can help WikiProject Computer security with:
Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...
  • Review importance and quality of existing articles
  • Identify categories related to Computer Security
  • Tag related articles
  • Identify articles for creation (see also: Article requests)
  • Identify articles for improvement
  • Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
  • Find editors who have shown interest in this subject and ask them to take a look here.

one comment I have for this page is that it seems to imply that the only way to exploit a heap overflow is by corrupting malloc meta data, in reality any linked list will do for the pointer exchange, its often possible to exploit heap overflows even without being able to overwrite any linked list pointers by corrupting other data such as function pointers or specific data structure fields...I've written more than my share of heap overflow exploits and in my experience overwriting malloc meta data isn't even the easiest way for most bugs... --Michael Lynn

I suggest to add the following article as an external reference:

A heap of risk, Buffer overflows on the heap and how they are exploited

http://www.heise-security.co.uk/articles/74634

It is an in depth explanation of how buffer overflows occur, how they are exploited and even features a simple heap management implementation for demo purposes. The author FX is a well respected expert in this field.

Please note that I am a heise editor. So I will not add the link myself. Feel free to inform me, if this kind of suggestion is not appreciated.

193.99.145.162 08:40, 12 June 2007 (UTC) / ju (ju at heisec.de)[reply]

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Heap_overflow&oldid=584711193"