It's a fairly clear explanation. Before the language warriors come out in force, I'll mention that it appears that all of the problems turn out to be issues with 1) calling new and 2) C-style casts.
Exploiting the issue requires someone with a detailed knowledge of C++ inner workings. It would have taken me a long time to figure it all out.
Avoiding the issue? Well, most modern C++ doesn't look very much like the problem code for very good reasons.
http://timetobleed.com/defeating-the-matasano-c-challenge-wi...