
Shon Harris, Allen Harper, Chris Eagle, and Jonathan Ness

"Gray Hat Hacking, Second Edition"


Gray Hat Hacking: The Ethical Hacker's Handbook
General Summary
A total number of 7 library functions were analyzed. Counting all
detectable uses of these library calls, a total of 3 was analyzed, of
which 1 were identified as problematic.
The complete list of problems
Results for .sprintf
The following table summarizes the results of the analysis of calls to
the function .sprintf.
Address   Severity   Description
8049a8a   5          The maximum expansion of the data appears to be
                     larger than the target buffer, this might be the
                     cause of a buffer overrun !
                     Maximum Expansion: 1587 Target Size: 512
Chevarista
In issue 64 of Phrack, in an article entitled "Automated vulnerability auditing in machine
code," Tyler Durden introduced a tool named Chevarista. Chevarista is a proof-of-concept
binary analysis tool implemented for the analysis of SPARC binaries. The tool is only
available upon request from its author. The significant feature of the article is that it presents
program analysis in a very formal manner and details the ways in which control flow
analysis and data flow analysis can be combined to recognize flaws in compiled software.
Some of the capabilities of Chevarista include interval analysis, which is used to deduce
the range of values that variables can take on at runtime and allows the user to recognize
out-of-range memory accesses; and state checking, which the author utilizes to detect
memory leaks and double free conditions.
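
The interval analysis described above can be illustrated with the following Python program, an added example that is not from the book and is not Chevarista's code. The instruction set, variable names and bounds are hypothetical; the bounds are constructed so that the upper limit equals the 1587-byte expansion against a 512-byte target shown in the .sprintf report above.

```python
# Added illustration, not Chevarista code: interval analysis over a
# hypothetical straight-line IR. Opcodes, names and numbers are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Interval:
    lo: int
    hi: int
    def __add__(self, other):
        return Interval(self.lo + other.lo, self.hi + other.hi)

    def join(self, other):
        # Merge point of two branches: the value may come from either one.
        return Interval(min(self.lo, other.lo), max(self.hi, other.hi))

def analyze(program, buffers):
    """Return (pc, buffer, lo, hi, size) for writes that may exceed the buffer."""
    env, findings = {}, []
    for pc, (op, *args) in enumerate(program):
        if op == "range":        # dst, lo, hi: value known only by its bounds
            env[args[0]] = Interval(args[1], args[2])
        elif op == "add":        # dst, a, b
            env[args[0]] = env[args[1]] + env[args[2]]
        elif op == "join":       # dst, a, b
            env[args[0]] = env[args[1]].join(env[args[2]])
        elif op == "assume_le":  # var, bound: path continues only if var <= bound
            v = env[args[0]]
            env[args[0]] = Interval(v.lo, min(v.hi, args[1]))
        elif op == "write":      # buf, length: copies `length` bytes into buf
            n, size = env[args[1]], buffers[args[0]]
            if n.hi > size:
                findings.append((pc, args[0], n.lo, n.hi, size))
    return findings

BUFFERS = {"buf": 512}
UNCHECKED = [
    ("range", "prefix", 51, 51),     # fixed text in the format string
    ("range", "short", 16, 16),      # branch 1: fixed-size field
    ("range", "long", 0, 1024),      # branch 2: externally supplied string
    ("join", "field", "short", "long"),
    ("range", "name", 0, 512),
    ("add", "t", "prefix", "field"),
    ("add", "total", "t", "name"),
    ("write", "buf", "total"),
]
CHECKED = UNCHECKED[:-1] + [("assume_le", "total", 512), UNCHECKED[-1]]  # length check added

if __name__ == "__main__":
    print(analyze(UNCHECKED, BUFFERS), analyze(CHECKED, BUFFERS))
```

The unchecked sequence is flagged because the deduced length interval reaches 1587 bytes for a 512-byte buffer; once the length check narrows the interval, the same write is no longer reported.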

