Class: FormatStringAttack

void print (char *str) { printf(str); } Call: print("%n") makes printf take 4 bytes off the stack as the argument for %n and use them as the address to write to (Wil05)

•owl:Thing
        •Attack
                •Threat
        •Threat
                •Attack
                •ActiveAttack
                        •MalformedInput
                                •FormatStringAttack

Super Classes

threatens SOME (_Confidentiality AND _Stack)
threatens ONLY ((_Confidentiality OR _Integrity) AND _Stack)
MalformedInput
threatens SOME (_Integrity AND _Stack)

Abstract Syntax

Class(FormatStringAttack partial restriction(threatens someValuesFrom(intersectionOf(_Confidentiality
                                                                                    _Stack)))
                                restriction(threatens allValuesFrom(intersectionOf(unionOf(_Confidentiality
                                                                                           _Integrity)
                                                                                   _Stack)))
                                MalformedInput
                                restriction(threatens someValuesFrom(intersectionOf(_Integrity
                                                                                    _Stack))))

Usage

Class Description/Definition (Necessary Conditions)

FormatStringMisuse
Generated with OWLDoc