Question on environment variable overflow and SIGURG

From: Minchu Mo (morris_minchu@iwon.com)
Date: 01/16/02


Date: 16 Jan 2002 05:04:53 -0000
From: Minchu Mo <morris_minchu@iwon.com>
To: vuln-dev@securityfocus.com


('binary' encoding is not supported, stored as-is)

I am doing some practice on environment variable
overflow on sparc/solaris. But the environment
variable are string based, in other word, I can't have
\x00 byte inside the variable, and as a result, I can't
put the heap address inside cuz this won't be parsed
in correctly. Anybody can tell me wether there is
anyway aroud this?

Also, For SIGURG from OOB signal(in
SPARC/solaris) , will its signal handler block another
SIGURG from re-entering untill the first one got
handled?