완료됨
a problem of the program in wargame "master_canary"
I found something that looked like a flaw in the program.
In the beginning of main function, size and idx are defined without NULL-initialization. And they has 64bit size because their type is size_t.
size_t size;
pthread_t thread_t;
size_t idx;
char leave_comment[32];
However, when it assigns the values from stdin to these variables, it uses "%d" as format string.
scanf("%d", &idx);
scanf("%d", &size);
In my environment, the initial value of size and idx is not NULL and, they have Non-Null value in upper 32 bit. So it can't handle user's input correctly. If this is not intentional, I think it should be fixed.
#pwnable
작성자 정보
