Commit 08311d46 authored by David Gonçalves


parent c3cc9761
......@@ -40,7 +40,9 @@ Run the tool for all input files:
1. Map content of local variables to know where `\0` appears.
2. If buffer is uninitialized or not null terminated, set its content length until `\0` if we know it or indefinitely if we don't know it.
3. Consider static variables (RIP referenced)
4. Consider direct write access, as a way of corrupting memory (eg. `a[10]=20`), only literal values need to be considered for indexing.
5. Consider `jmp` and conditional statements. `cmp`, `test`, `je`, `jne`
6. Consider `sprintf`, `scanf`, `fscanf`, `snprintf`, `read`
\ No newline at end of file
3. Consider static variables (RIP referenced).
4. Assembly instruction `test`.
5. Consider parameters in the stack (after 6th parameter).
6. Parameters can be literals.
7. File name path may not have `./` as prefix (bug).
8. Functions like `scanf` can receive more arguments and of different types.
\ No newline at end of file
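Review bot: the rewritten list silently drops the old items 5 and 6 (conditional control flow via `cmp`, `test`, `je`, `jne`, and the buffer-writing calls `sprintf`, `fscanf`, `snprintf`, `read`); the new item 4 keeps only `test` and the new item 8 only `scanf`, so handling of `cmp`/`je`/`jne` and of the other unsafe writers is no longer tracked anywhere in this list, and the commit does not say they were implemented. If those cases are done, state that; otherwise keep them, for example as `4. Consider conditional statements: cmp, test, je, jne` and `8. Consider functions that write into buffers (sprintf, snprintf, scanf, fscanf, read); scanf-style functions can receive more arguments and of different types.` Item 7 records a bug (the input path may lack the `./` prefix) without saying where it is triggered or what the expected behaviour is; a one-line note on what fails would help whoever picks it up. Both versions of the file also end with `\ No newline at end of file`; adding the trailing newline would keep future diffs cleaner.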