poisoned NUL
2014-08-26 17:55:32.327286+00 by Dan Lyke 0 comments
Google Project Zero: The poisoned NUL byte, 2014 edition. Fascinating account of figuring out how to exploit an off-by-one error in glibc's memory allocation code into privilege escalation. Good things to think about for any coder, especially anyone working in C or C++, but also in how we think about building larger systems.