infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

"stack overflow" in exploits most likely means "stack bof". In aux modules, it's "stack exhaustion"

unstable
sinn3r 2012-02-05 17:48:05 -06:00
parent caee1bba28
commit 2d35cf4b66
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
tools/msftidy.rb
View File

@ -89,12 +89,13 @@ def check_single_file(dparts, fparts, f_rel)
# If an exploit module mentinos the word "stack overflow", chances are they mean "stack buffer overflow".
# "stack overflow" means "stack exhaustion". See explanation:
# http://blogs.technet.com/b/srd/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx
# However, we will avoid flagging this term in auxiliary modules for now, because it might be a DoS attack.
# In that case, they might really mean stack exhaustion.
bad_term = true
if content =~ /class Metasploit\d < Msf::Exploit::Remote/ and content.gsub("\n", "") =~ /stack[[:space:]]+overflow/i
bad_term = false
show_missing(f, 'WARNING: contains "stack overflow"', bad_term)
show_missing(f, 'WARNING: contains "stack overflow" You mean "stack buffer overflow"?', bad_term)
elsif content =~ /class Metasploit\d < Msf::Auxiliary/ and content.gsub("\n", "") =~ /stack[[:space:]]+overflow/i
bad_term = false
show_missing(f, 'WARNING: contains "stack overflow" You mean "stack exhaustion"?', bad_term)
end
# check criteria based on individual lines