From: Patrik Birgersson (patrik.birgersson aiasec.com)
Date: Fri Jan 11 2002 - 16:33:33 CST
On 12:41pm, James Fleming shouted:
' I had an idea. If my input filter doesn't accept any
' binary data on input (i.e. I check the object type and
' only allow String, Int etc.)... how can anyone pass an
' overflow payload to the application?
Does your web application malloc()? (or equiv in other than C)
If you are reserving memory for input data and not checking the payload of
what you're receiving, then you can be hit by a buffer overflow.
It does not matter if the data retrieved are in binary or ASCII format,
since the buffer (the allocated memory) would be filled up anyway.
However, if one wishes to do something besides the actual overflow (that
is - flood the buffer), like running arbitrary code - then binary data is
required for execution on the stack.
What's more likely is that you should limit the allowed data input size,
since if you're allowing unlimited amount of data, your server might run
out of RAM and/or disk space (perhaps also bandwidth?), thus creating a
DoS.
Just my 2 cents :-)
Patrik Birgersson
If we knew what it was we were doing,
it would not be called research, would it?
- Albert Einstein (1879 - 1955)
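
Added example, not part of the original message: a C sketch contrasting the content filter proposed in the question with the size limit recommended in the reply. The names `FIELD_MAX`, `is_printable_ascii` and `store_field` are hypothetical, and the oversized input is constructed for the demonstration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 64   /* assumed size of the destination buffer */

/* The filter from the question: accept only printable ASCII bytes. */
int is_printable_ascii(const char *in, size_t len)
{
    for (size_t i = 0; i < len; i++)
        if (!isprint((unsigned char)in[i]))
            return 0;
    return 1;
}

/* Bounded copy into a FIELD_MAX-byte buffer.
 * Returns 0 on success, -1 if the input is rejected. */
int store_field(char dst[FIELD_MAX], const char *in, size_t len)
{
    if (!is_printable_ascii(in, len))
        return -1;                 /* content check */
    if (len >= FIELD_MAX)
        return -1;                 /* size check: the one that protects dst */
    memcpy(dst, in, len);
    dst[len] = '\0';
    return 0;
}

/* Constructed sample: 4096 bytes of 'A', pure text but far larger than dst. */
int oversized_text_passes_filter(void)
{
    char big[4096];
    memset(big, 'A', sizeof big);
    return is_printable_ascii(big, sizeof big);
}

int oversized_text_is_stored(void)
{
    char big[4096], dst[FIELD_MAX];
    memset(big, 'A', sizeof big);
    return store_field(dst, big, sizeof big) == 0;
}

int main(void)
{
    printf("passes content filter: %d\n", oversized_text_passes_filter());
    printf("accepted by bounded copy: %d\n", oversized_text_is_stored());
    return 0;
}
```

The text-only input clears the content filter, and only the length comparison keeps it out of the 64-byte buffer.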