Exploiting Uninitialized Data Bugs
The information has been provided by mercy.
If you have read even a handful of man pages, you will know all too well that a lot of functions can have undefined behavior. This article attempts to define what exactly undefined behavior refers to when dealing with uninitialized variables, and gives examples of how this could be abused by attackers to control the execution flow of an application. All the examples have been tested and found working on Ubuntu Linux. It is hoped that the reader will extend the information provided and look at similar conditions in glibc functions, kernel code, and threaded applications.
All of the example code is written in the C programming language and x86 assembler. As a reader you should be comfortable in these languages, as well as comfortable in navigating around a disassembler and man pages.
The whitepaper and example code can be found at: http://www.felinemenace.org/~mercy/papers/UBehavior/UBehavior.zip