realloc Security Vulnerability | C Programming Tutorial

Comments
Author

Hats off to you for explaining everything with such simplicity! At 6:40 you say that they are right next to each other - the difference between P2 and P1's address is 16 bytes - password1 occupies 7 bytes (with null char), so the next 9 bytes between the end of password1 and password2 have some other random data, right?

ValliNayagamChokkalingam

I have a question good sir, when I used strcpy in one of your previous videos I remember that it will basically overwrite the current string completely, also changing its length to the length of the new string. As I am a bit of a rookie I don't grasp C completely just now, but wouldn't that result in a memory leak for us if the password is smaller than the actual length we allocated? I don't know exactly how free(password1) would work if we use it then. Thank you very much for the great videos nonetheless, I am learning a lot with them about working closer with the hardware! :)

martiniltner

The result in my terminal is different (exactly the same code) --> the other_ptr string has a different value than password1. When I googled it, it says realloc will automatically free memory if it cannot resize in place.

In order to get a similar result to the video I need to set malloc to other_ptr and then do a strcpy(other_ptr, password1). But since I set malloc to other_ptr, it points to an entirely different memory address.

Can you please explain why it's a bit different? Has there been a change / update in C version that made this difference?

pietraderdetective

16:41 weird, you reserve 7 memory spaces for password1 & 2, but yet they are printed consecutively, 3 x 6.

AnalogDude_

It worked for me until 13:34 or so, I mean before "other ptr string" - there is gibberish stored there. Maybe this vulnerability was closed on Windows. I also tried a for loop and encountered the fact that password1 was overwritten with gibberish, and password2 is shown.

Fillmoreb

This probably changed in newer versions of the compiler(s), aka clang, gcc, etc., and/or C standards (I don't really know which one is in charge of patching these vulnerabilities).
I tried it in CLion's memory view and the memory of the old pointer was indeed freed after reallocating into a new address.

kozmicluis

So, is it a good idea to clear out the values in the original space by say looping and setting to 0, or use encryption?

gerdsfargen
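The wipe-before-free approach asked about in the comment above, as an added example that is not code from the video or its author: `secure_wipe`, `secure_grow`, `all_zero` and `wipe_demo` are hypothetical helper names. `secure_grow` stands in for a plain realloc() so the old block is zeroed before it is freed, and the volatile store keeps the compiler from optimizing the wipe away as a dead store.

```c
#include <stdlib.h>
#include <string.h>

/* Zero a buffer through a volatile pointer. A plain memset() right before
 * free() is a "dead store" the optimizer may legally delete; the volatile
 * access forces each byte to actually be written. */
void secure_wipe(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) {
        *vp++ = 0;
    }
}

/* Grow a heap buffer that holds a secret without leaving a stale copy.
 * realloc() may move the data to a new block and leaves the old bytes in
 * the freed chunk untouched; this hypothetical replacement copies, wipes
 * the old block, then frees it. `old` must be a valid block of old_size
 * bytes. On allocation failure the caller still owns `old`, mirroring
 * realloc()'s contract. */
char *secure_grow(char *old, size_t old_size, size_t new_size) {
    char *fresh = malloc(new_size);
    if (fresh == NULL) {
        return NULL;
    }
    size_t to_copy = old_size < new_size ? old_size : new_size;
    memcpy(fresh, old, to_copy);
    secure_wipe(old, old_size);
    free(old);
    return fresh;
}

/* Returns 1 if every byte of buf is zero, 0 otherwise. */
int all_zero(const unsigned char *buf, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (buf[i] != 0) {
            return 0;
        }
    }
    return 1;
}

/* Demonstrates the wipe on a stack buffer; returns 1 if the secret is gone. */
int wipe_demo(void) {
    unsigned char secret[7];
    memcpy(secret, "abc123", 7);           /* constructed sample password */
    secure_wipe(secret, sizeof secret);
    return all_zero(secret, sizeof secret);
}
```

Reading the freed block afterwards to "check" it is undefined behaviour, so the verification here is done on a buffer the program still owns.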

Thanks for your great videos. But something that boggles me: when I print "other_ptr" it gives me random values, not "abc123" as password1, especially since they have the same memory address.

abdomohamed

Since realloc doesn’t clear out the old password1 data, does this mean that it doesn’t free that pointer?

bofa-zifj