The CTREE is built from the optimized microcode (maturity at CMAT_FINAL
), it represents an AST-like tree with C statements and expressions. It can be printed as C code.
- 2020/12/31, the vulnerability was found by us.
- 2021/01/25, the related details were reported to service@h3c.com.
- 2021/01/28, H3C refused to fix the vulnerability because H3C ER3100 had stopped production several years ago.
- 2021/04/30, 90 days after, we decide to make a disclosure
- Production Name: H3C ER3100
- Firmware version: V201R020
- Vulnerability type: stack buffer overflow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <iostream> | |
#include <cstring> | |
#include <Windows.h> | |
#include <WtsApi32.h> | |
#pragma comment(lib, "Wtsapi32.lib") | |
using namespace std; | |
void GetCurrProcessUser(int pid) | |
{ |