Table of Contents Build operating environment Set up debugging and vulnerability environment Extract binary Set up GDB debugging environment File system verification for FortiOS Bypass file system verification via patch Planting a backdoor in the file system Vulnerability Reproduction & Vulnerability Analysis exploit Related references Build a running environment You can download the FortiGate virtual […]
Tag: overflow
Analysis of integer overflow problem in embedded C language
Integer overflow is a bit cliché, bla, bla, bla… but it seems that not many people pay attention to it. Integer overflow may lead to buffer overflow, and buffer overflow may lead to various hacker attacks. Today I share an article in the hope that everyone will understand integer overflow, compiler behavior, and how to […]
mybatis-plus reports memory overflow error
Version 3.4.1 Error message Caused by: org.apache.ibatis.builder.BuilderException: Error evaluating expression 'ew.sqlSegment != null and ew.sqlSegment != '' and ew.nonEmptyOfWhere'. Cause: org.apache.ibatis.ognl.OgnlException: sqlSegment [java.lang.OutOfMemoryError: Java heap space] at org.apache.ibatis.scripting.xmltags.OgnlCache.getValue(OgnlCache.java:48) at org.apache.ibatis.scripting.xmltags.ExpressionEvaluator.evaluateBoolean(ExpressionEvaluator.java:32) at org.apache.ibatis.scripting.xmltags.IfSqlNode.apply(IfSqlNode.java:34) at org.apache.ibatis.scripting.xmltags.MixedSqlNode.lambda$apply$0(MixedSqlNode.java:32) at java.base/java.util.ArrayList.forEach(ArrayList.java:1540) at org.apache.ibatis.scripting.xmltags.MixedSqlNode.apply(MixedSqlNode.java:32) at org.apache.ibatis.scripting.xmltags.TrimSqlNode.apply(TrimSqlNode.java:55) at org.apache.ibatis.scripting.xmltags.MixedSqlNode.lambda$apply$0(MixedSqlNode.java:32) at java.base/java.util.ArrayList.forEach(ArrayList.java:1540) at org.apache.ibatis.scripting.xmltags.MixedSqlNode.apply(MixedSqlNode.java:32) at org.apache.ibatis.scripting.xmltags.IfSqlNode.apply(IfSqlNode.java:35) at org.apache.ibatis.scripting.xmltags.MixedSqlNode.lambda$apply$0(MixedSqlNode.java:32) at java.base/java.util.ArrayList.forEach(ArrayList.java:1540) at org.apache.ibatis.scripting.xmltags.MixedSqlNode.apply(MixedSqlNode.java:32) […]
Stack memory overflow-StackOverflowError
java.lang.StackOverflowError: (thread) stack memory overflow error. Stack memory overflow is a very common error that occurs when performing complex operations. The test method below is an example of an infinite loop in which the method calls itself. Run this method and you’ll see the familiar yet uncommon java.lang.StackOverflowError: package com.clz; import org.junit.Test; public class […]
Mobile scroll penetration and scroll overflow solutions
Scroll penetration Problem description When developing mobile WEB (the same is true for small programs), as shown in the above screen recording, if the page exceeds one screen height and a […]
Stack overflow to getshell analysis and utilization
Ret2text (system and /bin/sh exist in the source program): control the program so that it executes existing code (.text) of the program itself. A stack overflow, the system() function and the “/bin/sh” string are all present. The overflow modifies the return address to the address of the system function, and /bin/sh is then passed as the function's parameter, so that […]
Stack overflow to getshell analysis and utilization
Table of Contents Ret2text (system and /bin/sh exist in the source program) 32-bit program 64-bit program: Ret2libc2 (the address of system in the source program does not exist/bin/sh) BSS segment Gets() function Readelf Ret2libc2 Ret2libc3 (the address […]
ThreadLocal memory overflow demonstration and cause analysis!
Author | Brother Lei Source | Public account: Java Chinese Community Foreword ThreadLocal translated into Chinese means thread local variable, which means it is a private variable in the thread. Each thread can only operate its own private variable, so it will not cause thread insecurity. […]
CVE-2023-5129 libwebp heap buffer overflow vulnerability impact analysis
Brief description of the vulnerability Recently, Apple, Google, Mozilla, Microsoft and other companies have actively repaired buffer overflow vulnerabilities in the libwebp component. The relevant timeline is as follows: On September 7, Apple released an emergency update to fix the iMessage 0-click vulnerability previously reported by the Citizen Lab of the University of Toronto. The […]
In-depth analysis – How to implement the omission style of inline text overflow?
Single line text overflows into ellipses white-space: nowrap; // Text is forced not to wrap text-overflow: ellipsis; // Change text overflow to ellipsis overflow: hidden; // Overflow text is hidden Multi-line text overflows with ellipses display: -webkit-box; //Convert elements to flexible containers and arrange them in one line -webkit-box-orient: vertical; // Indicates the arrangement of […]