Writing Security Tools and Exploits

The previous chapter focused on writing exploits, particularly format string attacks and race conditions. In this chapter, we focus on exploiting overflow-related vulnerabilities, including stack overflows, heap corruption, and integer bugs.
Buffer overflows and similar software bugs exist due to software development firms' unfounded belief that writing secure code will not positively affect the bottom line. Rapid release cycles and the priority of "time to market" over code quality will never end. Few large software development organizations publicly claim to develop secure software. Most that announce such development usually and immediately receive negative press, especially within the security community, which makes it a point not only to highlight past failures but also discover new vulnerabilities. Due to politics, misunderstandings, and the availability of a large code base, some organizations are consistently targeted by bug researchers seeking fame and glory in the press. Companies with few public software bugs achieve this low profile mainly by staying under the radar.
Ironically, a number of organizations that develop security software also have been subject to the negative press of having a vulnerability in their software. Even developers who are aware of the security implications of code can make errors. On one occasion, a well-known security researcher released a software tool to the community for free use. Later, a vulnerability was found in that software. This is understandable, since everyone makes mistakes and bugs are often hard to spot. To make matters worse, though, the security researcher released a patch that created another...