A Study on the Effect of Format String on Secure Programming in C Language 


Vol. 8, No. 6, pp. 693-702, Dec. 2001
10.3745/KIPSTC.2001.8.6.693


  Abstract

One of the major characteristics of the C language is that it allows pointer-type variables to access any area of the virtual address space. As a result, a program can read, write, or execute virtual memory areas that are not finely controlled by the operating system. Such memory areas can be reached through format strings, which makes them a vulnerability of the C language from the standpoint of secure programming. In this paper, we analyze in detail the process of a security attack based on format strings, then present a new virus-style attack that is stepwise and durable, with some actual scenarios, to warn of its severity, and explore some preliminary countermeasures.

  Cite this article

[IEEE Style]

H. B. Lee, H. J. Tcha, H. J. Choi, "A Study on the Effect of Format String on Secure Programming in C Language," The KIPS Transactions:PartC, vol. 8, no. 6, pp. 693-702, 2001. DOI: 10.3745/KIPSTC.2001.8.6.693.

[ACM Style]

Hyung Bong Lee, Hong Jun Tcha, and Hyung Jin Choi. 2001. A Study on the Effect of Format String on Secure Programming in C Language. The KIPS Transactions:PartC, 8, 6, (2001), 693-702. DOI: 10.3745/KIPSTC.2001.8.6.693.