Buffer Overflow (operator_string_add) #186
Gravity is vulnerable to a Stack-Buffer-Overflow in the operator_string_add function. ASAN is saying it is a "buffer-underflow", but by looking at gravity under GDB we can see that we are gaining an arbitrary write. This opens up a security risk, as an attacker can use this to write past a static buffer and achieve code execution.