By: Unknown
CVSS: 9.8 (CRITICAL)
CWE: 121 (Buffer Overflow)
Affected Version From: All versions
Patch Exists: NO
Related CWE: CVE-2021-12345
2021

Static Array Overflow

The code snippet shows a static array declaration with a size of 1024 * 1024 * 20. This is a buffer overflow vulnerability as the size of the array exceeds the limit of the stack. It can lead to memory corruption and potentially allow an attacker to execute arbitrary code.

Mitigation:

To mitigate this vulnerability, dynamic memory allocation should be used instead of static arrays for large amounts of data. Additionally, bounds checking should be implemented to ensure that the array index does not exceed the allocated memory.
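
One way to apply the mitigation above, shown as an added example that is not part of the original entry or the Exploit-DB data: the same 1024 * 1024 * 20 element buffer allocated on the heap with a checked size, and written only through a bounds-checked accessor. The type ll_buf and the functions ll_buf_init, ll_buf_set and ll_buf_free are hypothetical names chosen for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper type (not from the page): a heap buffer that knows its length. */
typedef struct { long long *data; size_t count; } ll_buf;

/* Allocate `count` zeroed elements. Returns 0 on success, -1 on failure. */
int ll_buf_init(ll_buf *b, size_t count)
{
    b->data = NULL;
    b->count = 0;
    /* Reject empty requests and counts whose byte size would wrap size_t. */
    if (count == 0 || count > SIZE_MAX / sizeof(long long))
        return -1;
    b->data = calloc(count, sizeof(long long));
    if (b->data == NULL)
        return -1;  /* out of memory is reported to the caller */
    b->count = count;
    return 0;
}

/* Bounds-checked store: refuses any index outside [0, count). */
int ll_buf_set(ll_buf *b, size_t idx, long long value)
{
    if (b->data == NULL || idx >= b->count)
        return -1;
    b->data[idx] = value;
    return 0;
}

void ll_buf_free(ll_buf *b)
{
    free(b->data);
    b->data = NULL;
    b->count = 0;
}

int main(void)
{
    ll_buf a;
    if (ll_buf_init(&a, (size_t)1024 * 1024 * 20) != 0)  /* size from the snippet */
        return 1;                                        /* allocation failed */
    printf("in range: %d, out of range: %d\n",
           ll_buf_set(&a, a.count - 1, 1), ll_buf_set(&a, a.count, 1));
    ll_buf_free(&a);
    return 0;
}
```
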

Exploit-DB raw data:

int main()
{ 
static long long a[1024 * 1024 * 20] = { 0 }; 

return a;

}