Hi there!
This video introduces the core ideas behind format string vulnerabilities. We quickly review what is a format string, what is a variadic function, and how arguments are passed to variadic functions. Then we analyze what happens when you let the user decide what format string to use, and how this situation can lead to security issues.
If you're interested in the content of the video and in my work, you can subscribe to my patreon to access a private git server where I host all the notes and assets showcased in the video and much more.
Patreon: / hexdump
Git Server: https://git.hexdump.sh
Thank you very much for watching.
-------------------------
TIMESTAMP
00:00 What's a Format String?
03:03 What's a Variadic Function?
09:55 Is this dangerous?
14:50 Analysis with GDB
21:33 Example 1 - Read local variable
27:22 Example 2 - Write local variable
-------------------------
REFERENCES
printf: https://man7.org/linux/man-pages/man3...
-------------------------
CONTACTS
Patreon: / hexdump
Coffee: https://buymeacoffee.com/hexdump
Git: https://git.hexdump.sh
Blog: https://blog.leonardotamiano.xyz/
Nesta página do site você pode assistir ao vídeo on-line Format String vulnerabilities duração hora minuto segundo em boa qualidade , que foi baixado pelo usuário hexdump 06 Maio 2025, compartilhe o link com seus amigos e conhecidos, no youtube este vídeo já foi visto 1,805 vezes e gostou 90 espectadores. Boa visualização!