Format string, Return to libc, Integer overflow attack

Format string attack: A format string attack is a computer security vulnerability in C programs that arises when a programmer unknowingly passes user-supplied data as the format string instead of as a regular string argument. For example, to print a string a programmer should write the call as given below:

printf("%s", str);

However, instead of typing the code as given above, to save time he types the code given below:

printf(str);
There is no problem with the second version as far as compiling and running is concerned. However, in the second version, instead of supplying a regular string as an argument, he is passing str itself as the format string. Now the user of the program can enter a string containing format directives, and when printf() interprets them it will read from memory and, with the %n directive, write to memory. In this way the user can overwrite the return address of printf() on the stack. Thus the program is vulnerable to attack, even though the programmer still presumes the code is fine.

Return to libc attack: A return to libc attack is a computer software attack in which the attacker, rather than running injected code directly, redirects the program into a function that already exists in libc; in the variant described here, the attacker uses the strcpy() function to copy its attack program into the data segment. libc is the shared library used by C programs. It contains functions such as strcpy(), strcat(), and strcmp(). Here, the strcpy() function copies a string from one address to another. The strcpy() function can be summarised as:

strcpy(str1, str2): Copies str2 into str1

In a return to libc attack, the attacker manipulates the call to strcpy() so that the attacker's program (shellcode) is copied to the data segment, where the attacker can then execute it.

Integer overflow attack: An integer overflow is a computer security vulnerability in C programs that occurs when two numbers are added or multiplied and the result is greater than the largest value the integer type can hold. The arithmetic overflows, and because C performs no runtime check, the program does not detect the error; instead it stores a wrong, wrapped-around value. An attacker can exploit this programming error by deliberately supplying two numbers that make the computation overflow, which is why this type of vulnerability is known as an integer overflow attack.
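The following is an added example, not code from the original page: it shows the unchecked multiplication the text describes, where a buffer size computed from an attacker-chosen element count wraps to a tiny value, beside the checked version that rejects the overflow before it happens. The function names and the sample count 0x40000001 are constructed for this example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <limits.h>
#include <stdio.h>

/* Unchecked: the product wraps modulo 2^32, so a huge element count
 * yields a tiny buffer size; a later copy of 'count' elements would
 * then overrun that buffer. C raises no error here. */
uint32_t unchecked_buffer_size(uint32_t count, uint32_t elem_size) {
    return (uint32_t)(count * elem_size);
}

/* Checked: refuse any count whose product would not fit in 32 bits,
 * using division so the test itself cannot overflow. */
bool checked_buffer_size(uint32_t count, uint32_t elem_size, uint32_t *out) {
    if (elem_size != 0 && count > UINT32_MAX / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

/* Signed addition: signed overflow is undefined behaviour in C, so the
 * operands are checked before adding, never the result afterwards. */
bool checked_add_int(int a, int b, int *out) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

int main(void) {
    uint32_t count = 0x40000001u;  /* constructed: attacker-chosen element count */
    uint32_t size;
    int sum;

    /* 0x40000001 * 4 = 0x100000004, which wraps to 4 bytes. */
    printf("unchecked: %u * 4 = %u bytes\n", count, unchecked_buffer_size(count, 4));
    if (!checked_buffer_size(count, 4, &size))
        printf("checked: rejected, %u * 4 does not fit in 32 bits\n", count);
    if (!checked_add_int(INT_MAX, 1, &sum))
        printf("checked: INT_MAX + 1 overflows int\n");
    return 0;
}
```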
