Analysis on CVE-2013-2551

Introduction

This vulnerability is an integer overflow vulnerability, which involves a signed comparison between a signed integer and an unsigned integer and results in out-of-bound read. The analysis on root cause has already been available online [2][3]. But these talk few about how they locate the root cause in the binary starting from zero knowledge. In this post, I hope to log how I locate the root cause of the vulnerability starting from the crash. Therefore, the post may look tedious but I will try to demonstrate every step I take in my analysis. (more…)