Posts

Showing posts with the label Uninitialized Memory Vulnerability

Integer Overflow Reference: Min & Max Values

A reference for working with integers and looking for integer overflows and underflows. When an integer type, such as an int or unsigned short, overflows (the variable is given a value greater than the maximum value it can hold), the integer "wraps around" and becomes the minimum value the type can store. Similarly, when an integer type underflows (the variable is given a value smaller than the minimum value it can hold), the integer "wraps around" and becomes the maximum value the type can store. Use the chart below to find the minimum and maximum values each type can hold.

Size Chart

| Type | Size In Bytes | Minimum Value | Maximum Value |
|---|---|---|---|
| char | 1 byte | -128 | +127 |
| unsigned char | 1 byte | 0 | +255 |
| short | 2 bytes | -32,768 | +32,767 |
| unsigned short | 2 bytes | 0 | +65,535 |
| int | 4 bytes | -2,147,483,648 | +2,147,483,647 |
| long | 4 bytes | -2,147,483,648 | +2,147,483,647 |
| unsigned int | 4 bytes | 0 | +4,294,967,295 |
| unsigned long | 4 bytes | 0 | +4, |

What Value Is Stored In Uninitialized Variables?

The value in an uninitialized variable is one of: zero, a compiler-dependent value (such as 0xCC bytes in Visual Studio), or data previously stored in that memory location (old data).

Types of Uninitialized Variables And Their Values

Classic C/C++ Uninitialized Stack Variables

The classic type of uninitialized variable is a local function variable written in a low-level language (such as C/C++). You would think that when these variables are left uninitialized they would simply keep the last value they were given. However, there is a catch: when code is compiled in debug mode, the compiler may inject its own code that initializes empty variables to a default value. This is done to protect against vulnerabilities (more on this later), and to make bugs easier to detect by giving the variable a bogus value that can be easily identified as uninitialized if it is, for example, printed to the screen. Below, a program compiled with Visual Studio in debug mode prints an uninitialized variable.