Stack overflow concepts

I am having an strugle with this concepts . are they the same thing?

  • Traditional Stack Overflow # overflow AAAAAAAAAAAAAAAAAAAAAAAA
  • Function pointer Overwrite # dereferenced to call another function
  • Saved Return Pointer overwrites # overwriting the return address

A stack overflow is a stack overflow, and that’s it. You overflowed on the stack. What you are calling a “traditional” stack overflow is not useful at all except to make it easier to see your input in hex. Your “Function Pointer Overwrite” is not going to be very realistic in the real world because there’s not often a “win” function to redirect to. “Saved Return Pointer Overwrite” is just another way to abuse a stack overflow. Once you’ve overflowed the stack, it can’t be said where to go from there because it is always going to be application dependent and there will be a near infinite number of ways to go about exploiting from there.

1 Like

Those concepts are not the exact same but they are related. Function pointer overwrites, as well as return pointer overwrites, are possible because of buffer overflows.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.