| Title | SourceCodester Student Record Management System in C++ V1.0 Stack-based Buffer Overflow |
|---|
| Description | The Student Record Management System project contains multiple stack-based buffer overflow vulnerabilities. In the main function, several features (such as “Add New Students” and “View All Student Marks”) use fixed-size char arrays (e.g., data[15] and data[20]) to store user input and file contents but lack length checks. If the input or read data exceeds the array limits, a buffer overflow can occur, causing memory corruption or illegal memory access.
This program contains multiple features that do not constrain the length of inputs from cin or ifstream. Key overflow points include:
1. “Add New Students” feature: Data is assigned to data[15] without length checks during cin >> data for both registration number and name. If input exceeds 15 characters, data will overflow the buffer, potentially corrupting adjacent memory.
2. “View All Student Marks” feature: The data[20] buffer is repeatedly filled by looping through data reads without length checks. If a file entry exceeds 20 characters, it writes past the buffer, leading to memory access errors.
3. “Update Student Marks” feature: Several file write operations directly manipulate offsets without ensuring fixed data lengths. If file contents exceed expected lengths, writing could occur at unintended positions, causing data corruption.
1. Program Crash: Inputting or reading oversized data can lead to buffer overflow, causing memory access errors and program crashes.
2. Potential Arbitrary Code Execution: An attacker could use carefully crafted inputs to overwrite control flow data on the stack, possibly leading to code execution.
3. Data Corruption: Buffer overflow could corrupt adjacent memory locations, leading to unpredictable data or system instability.
An attacker could exploit this vulnerability by entering malicious inputs or modifying the student_record.txt file with data exceeding the buffer limits. During data processing, this buffer overflow could overwrite the stack’s return addresses or control flow information, potentially allowing code injection or denial of service. |
|---|
| Source | ⚠️ https://github.com/Hacker0xone/CVE/issues/13 |
|---|
| User | polaris0x1 (UID 67906) |
|---|
| Submission | 14/11/2024 09:40 AM (2 years ago) |
|---|
| Moderation | 15/11/2024 03:28 PM (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 284719 [SourceCodester Student Record Management System 1.0 View All Student Marks main memory corruption] |
|---|
| Points | 20 |
|---|
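
A bounded replacement for the `cin >> data` pattern named in the Description, as an added example that is not code from the SourceCodester project or from the report. The names `read_field`, `scan_records` and `Tally` are hypothetical, and the sample input is constructed.

```cpp
#include <cctype>
#include <cstddef>
#include <iomanip>
#include <iostream>
#include <sstream>
#include <string>

// Pattern named in the report: char data[15]; cin >> data;
// Before C++20 that extraction has no bound, so a token of 15 or more
// characters is written past the end of data.

// Hypothetical helper (an assumption, not project code): read one
// whitespace-delimited field into a fixed-size buffer.
// Returns false if the stream fails or the token does not fit.
template <std::size_t N>
bool read_field(std::istream& in, char (&buf)[N]) {
    // setw(N) limits operator>> to N-1 characters plus the terminating NUL.
    if (!(in >> std::setw(static_cast<int>(N)) >> buf)) return false;
    if (in.eof()) return true;  // token ran to end of input, so it fit
    int next = in.peek();
    if (next == std::char_traits<char>::eof() || std::isspace(next)) return true;
    std::string rest;
    in >> rest;      // oversized: discard the tail so the next read starts clean
    buf[0] = '\0';   // never hand a silently truncated value to the caller
    return false;
}

struct Tally { int accepted; int rejected; };

// Stand-in for the file-reading loop: every field is bounded to the
// 15-byte buffer, and oversized fields are counted instead of stored.
Tally scan_records(std::istream& in) {
    Tally t{0, 0};
    char data[15];
    while ((in >> std::ws) && in.peek() != std::char_traits<char>::eof()) {
        if (read_field(in, data)) ++t.accepted; else ++t.rejected;
    }
    return t;
}

int main() {
    // Constructed sample input: two normal fields, one 30-character field, one more.
    std::istringstream in("2021CS001 Alice AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Bob\n");
    Tally t = scan_records(in);
    std::cout << "accepted=" << t.accepted << " rejected=" << t.rejected << "\n";
    return 0;
}
```

The same helper works on an `ifstream`, so entries read back from student_record.txt get the same bound as interactive input.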