Intro on printf vulns
First of all, some links. printf abuses have been extensively documented now,
see
https://tinyhack.com/2014/03/12/implementing-a-web-server-in-a-single-printf-call/
for the infamous "web-server-in-a-single-printf-call" headline, which turns out
to just be a hardcoded shellcode that serves a hello world. We could have
actual turing machines in …
read more