| The game stores some utf-16 messages in the savefile. Right before the message is the length(u32) for the string, the game uses this size to memcpy the message from the savefile to the stack without checking the length. This allows one to overwrite to some function addresses on the stack and form a rop chain.
+
| None
+
| App: Initial Version
+
| September 13, 2018
+
| August, 2018
+
| Kartik
|}
|}
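Review bot: The added description cell does not say whether the u32 length counts bytes or UTF-16 code units, nor how large the destination stack buffer is, so a reader cannot tell at what length the memcpy starts overflowing. Since the row is being moved anyway, consider also tightening the wording, for example "length (u32)" with a space and "overwrite some function addresses on the stack" instead of "overwrite to some function addresses". The two date cells ("September 13, 2018" and "August, 2018") are easy to confuse when read in this order, so double-check that they sit under the intended columns.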
Line 234:
Line 243:
| September 20, 2017
| September 20, 2017
| [[User:Nba_Yoh|MrNbaYoh]]
| [[User:Nba_Yoh|MrNbaYoh]]
−
|-
−
| Unholy Heights
−
| Buffer overflow via unchecked string size
−
| The game stores some utf-16 messages in the savefile. Right before the message is the length(u32) for the string, the game uses this size to memcpy the message from the savefile to the stack without checking the length. This allows one to overwrite to some function addresses on the stack and form a rop chain.
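Review bot: The removal takes the "|-" row separator together with the Unholy Heights cells, so check that the preceding MrNbaYoh row is still followed by a separator or table close at this position, and that the moved row starts with its own "|-" at the new location. The description text being removed here is identical to the text added in the other hunk, so this is a pure move; an edit summary saying so would make the change easier to review.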