IsBad*Ptr [1] functions are to test whether the memory range specified in the argument list is accessible. Despite the fact they have been banned, they are still being referenced in many binaries shipped with popular applications.
In this post I'm describing the inner working of IsBad*Ptr, the steps the attacker may follow to abuse them, and mention few examples of binaries that have a reference to these banned functions.
more here........http://reversingonwindows.blogspot.com/2014/05/security-implications-of-isbadptr-calls.html
In this post I'm describing the inner working of IsBad*Ptr, the steps the attacker may follow to abuse them, and mention few examples of binaries that have a reference to these banned functions.
more here........http://reversingonwindows.blogspot.com/2014/05/security-implications-of-isbadptr-calls.html