/..

#CONTENT

#TOP

#baby-bear-blockchain

Don't you love it when people take perfectly functional rust projects and rewrite them in c?

nc chal.amt.rs 1340

unvariant <-     author pwn <-   category 495 <-     points 2 <-     solves hard <- difficulty

#solution

Relies on a few bugs I found in the firedancer flamenco vm:

  1. address checks can be bypassed using a negative length
  2. out of bounds access of the registers array into the log buffer
  3. out of bounds jump using the CALL_REG instruction

#unintendeds

Nobody solved using an unintended yay.