There is a rich history of programming exploitation which makes use of the insecurity of the C memory model. To counteract the threats of memory corruption attacks, several techniques have been implemented. The problem still remains though, and since the programmer is responsible for making all the checks, even the most restrictive protection schemes have their limitations.

Radu is a Junior C/C++ software engineer on the Hubgets Core team. Since memory corruption attacks are something every programmer should be aware of, he came up with the idea of writing the current article, where he explains how some of these memory corruption attacks may happen, indicating a set of solutions that are presently applied to prevent them. You’ll also find a series of tips on how, under specific circumstances, one can use printf to inject instructions even under stiff security constraints.