National Institute of Standards and Technology
Package illustrating a test case

Test case 1506

Description

Vulnerability to an exploit using the unlink technique. The program allocates three chunks of memory (lines 29-31). The unbounded strcpy() operation is susceptible to a buffer overflow. Because the boundary tag for the second chunk is located directly after the first buffer, a string argument exceeding the length of first can overwrite that boundary tag.
From "Secure Coding in C and C++" by Robert C. Seacord.
Page 112, Figure 4-12
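
The flawed pattern described above next to a bounded version, as an added example that is not the test case's own source or the book's listing. The allocation sizes and the names flawed_case, copy_checked and hardened_case are assumptions made for illustration; the page does not give them.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sizes: the page does not state the real allocation sizes. */
#define FIRST_SIZE 16
#define OTHER_SIZE 12

/* Flawed pattern as described: strcpy() does not know how large `first`
 * is, so a longer argument runs past it into the allocator's boundary
 * tag for `second`. Shown for comparison only; nothing here calls it. */
void flawed_case(const char *arg)
{
    char *first = malloc(FIRST_SIZE);
    char *second = malloc(OTHER_SIZE);
    char *third = malloc(OTHER_SIZE);
    if (first && second && third)
        strcpy(first, arg);               /* unbounded copy */
    free(first); free(second); free(third);
}

/* Copy src into dst only if it fits, terminating NUL included. */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (len >= dst_size)  /* len == dst_size would put the NUL one byte past the end */
        return -1;
    memcpy(dst, src, len + 1);
    return 0;
}

/* Same three allocations with the copy bounded.
 * Returns 0 when copied, -1 when rejected or out of memory. */
int hardened_case(const char *arg)
{
    int rc = -1;
    char *first = malloc(FIRST_SIZE);
    char *second = malloc(OTHER_SIZE);
    char *third = malloc(OTHER_SIZE);
    if (first && second && third)
        rc = copy_checked(first, FIRST_SIZE, arg);
    free(first); free(second); free(third);
    return rc;
}

int main(int argc, char *argv[])
{
    if (argc < 2) { fprintf(stderr, "usage: %s string\n", argv[0]); return 2; }
    return hardened_case(argv[1]) == 0 ? 0 : 1;
}
```

The length check rejects an argument of exactly FIRST_SIZE bytes as well, since its terminating NUL would otherwise land one byte past the end of first.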

Flaws
