| Title | codeastro Food Ordering System V1.0 Stack-based Buffer Overflow |
|---|---|
| Description | During a security assessment of the "Food Ordering System" V1.0, a critical Stack-based Buffer Overflow vulnerability was identified in the main executable `food_ordering.exe`. The vulnerability is triggered when the application requests user input. Due to the lack of boundary checks, entering a string of specific length (e.g., a long sequence of 'a's) causes a buffer overflow. Debugging analysis confirmed that the overflow corrupts the CPU registers (specifically `RDI` and `RSI` were observed to be overwritten with `0x61616161...`, the hexadecimal representation of 'aaaa') and eventually leads to an access violation when the program attempts to reference the corrupted memory addresses (e.g., during a locking operation or function return). This flaw allows an attacker to crash the program or potentially execute malicious code. |
| Source | https://github.com/910biter/cve/issues/3 |
| User | RuqiZhang (UID 95589) |
| Submission | 02/14/2026 18:11 (2 months ago) |
| Moderation | 02/24/2026 18:29 (10 days later) |
| Status | Accepted |
| VulDB entry | 347631 [CodeAstro Food Ordering System 1.0 food_ordering.exe stack-based overflow] |
| Points | 20 |