Acronyms Everywhere!
Programmers love to create and use acronyms — not just in MUGEN, of course! Since my website focuses on MUGEN, this article will discuss some of the most frequently used acronyms in the MUGEN community.
List
- ROP: Return-Oriented Programming – An exploit technique in which short code fragments ending with return instructions (called gadgets) are chained together to execute arbitrary code. In MUGEN 1.x, this technique was used to bypass DEP and the NX bit.
- SN: SuperNull – A coding term that refers to exploits that use engine vulnerabilities to allow for arbitrary code execution during character selection.
- HN: HyperNull – A coding term that refers to exploits that use engine vulnerabilities to allow for arbitrary code execution during the engine's character list loading stage.
- UN: UltraNull – A coding term that refers to "exploiting" Windows' DLL Search Order to allow for arbitrary code execution during the engine's initialization stage.
- TD: Tier Defense – Also called SN Defense, this is a supernull file that nullifies the engine's exploits, effectively rendering characters nonfunctional. Some of these simply nullify DBOF, which was used to counter dsrugal back in the day.
- TTSN: Top Tier SuperNull – A term (and acronym) used a long time ago, but which has no meaning, since “Low Tier SuperNull” and “Mid Tier SuperNull” do not exist and all supernulls have the same execution time.
- DBOF: Def Buffer OverFlow – Also known as StateDef Overflow, this is a vulnerability in WinMUGEN that takes advantage of a buffer overflow in the statedef parser. The parser's buffer size is set to 64 bytes by default, and when the text of a statedef header exceeds that size, it overwrites the parser's return address, resulting in potential arbitrary code execution.
- CTBOF: Command Trigger Buffer OverFlow – Also (wrongly) known as Command Overflow or CMDOF, this is a vulnerability in WinMUGEN that takes advantage of a buffer overflow in the command trigger's text parser. The parser's buffer size is set to 64 bytes by default, and when a command name string line exceeds that size, it overwrites the parser's return address, resulting in potential arbitrary code execution.
- FBOF: Flag Buffer OverFlow – Also (wrongly) known as AssertSpecial Overflow or ASOF, this is a vulnerability in WinMUGEN that takes advantage of a buffer overflow in the AssertSpecial state controller's flag parser. The parser's buffer size is set to 64 bytes by default, and when an AssertSpecial flag text line exceeds that size, it overwrites the parser's return address, resulting in potential arbitrary code execution.
- EvalOF: Trigger Evaluator OverFlow – A vulnerability in MUGEN 1.x that takes advantage of a buffer overflow in the trigger parser's evaluator function, which is used to process trigger functions. The parser's buffer size is set by default to 1,668 bytes in 1.0 and 1,156 bytes in 1.1b, and when the string length of an input function trigger exceeds that size, it overwrites the parser's return address, resulting in potential arbitrary code execution.
- STBOF: State Filepath OverFlow – A vulnerability in MUGEN 1.x that takes advantage of a buffer overflow in the state filepath text line, which is used as an entry point by the engine to load state files. The parser's buffer size is set to 2,820 bytes in 1.1b by default, and when an ST filepath string exceeds that size, it overwrites the parser's return address, resulting in potential arbitrary code execution, using ROP. Its execution time is the same as a supernull character.
- SFFBOF: Sprite Filepath OverFlow – A vulnerability in MUGEN 1.x that takes advantage of a buffer overflow in the sprite filepath text line, which is used to pre-load character portraits and icons for the selection screen. The parser's buffer size is set to 512 bytes by default, and when a sprite filepath text line exceeds that size, it overwrites the parser's return address, resulting in arbitrary code execution, using ROP. Its execution time is the same as a hypernull character.
- CLBOF: Command Line Buffer Overflow – A vulnerability in WinMUGEN that takes advantage of a buffer overflow in the command line text parser, ParseCMDLine, which is used to handle customized parameters. The parser's buffer size is set to 1024 bytes by default, and when a command line text exceeds that size, it overwrites the parser's return address, resulting in potential arbitrary code execution.
- ZIPOF: ZLib Exploit – Also (wrongly) known as ZIP Overflow, this is a vulnerability in WinMUGEN that takes advantage of an incorrect ZLib library build, which causes the library to free the stack memory twice, resulting in potential arbitrary code execution if a specially crafted ZIP file is used to control the program flow.
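
The 64-byte limits given above for DBOF, CTBOF and FBOF can be turned into a lint that vets a character's state and command files before they are loaded in WinMUGEN. The Python below is an added example, not code from this site or from any MUGEN tool. The line patterns, the ';' comment handling and the one-byte NUL allowance are assumptions, and the sample input is constructed.

```python
import re

# Buffer size the glossary gives for the WinMUGEN statedef,
# command-trigger and AssertSpecial flag parsers.
LIMIT = 64

# Assumed line shapes, taken from ordinary MUGEN CNS/CMD syntax.
RULES = [
    ("DBOF", re.compile(rb"^\s*\[\s*(statedef\b[^\]]*)", re.I)),
    ("CTBOF", re.compile(rb'\bcommand\s*!?=\s*"([^"]*)', re.I)),
    ("FBOF", re.compile(rb"^\s*flag[23]?\s*=\s*(.*)$", re.I)),
]

def scan(data: bytes, limit: int = LIMIT):
    """Return (line_no, tag, length) for each field too long to fit in
    `limit` bytes once a terminating NUL is counted (assumed C string)."""
    findings = []
    for line_no, raw in enumerate(data.splitlines(), start=1):
        line = raw.split(b";", 1)[0]  # assumption: ';' starts a comment
        for tag, rx in RULES:
            for m in rx.finditer(line):
                length = len(m.group(1).strip())
                if length >= limit:  # conservative: flags exactly 64 too
                    findings.append((line_no, tag, length))
    return findings

# Constructed sample: six ordinary lines, three oversized fields made of
# harmless filler, and one long field hidden inside a comment.
SAMPLE = b"\r\n".join([
    b"[Statedef 200]",
    b"type = S",
    b"[State 200, 1]",
    b"type = AssertSpecial",
    b'trigger1 = command = "holdfwd"',
    b"flag = NoWalk",
    b"[Statedef 201" + b"A" * 80 + b"]",
    b'trigger1 = command = "' + b"B" * 70 + b'"',
    b"flag2 = " + b"C" * 64 + b" ; padded",
    b"; flag = " + b"D" * 100,
])

if __name__ == "__main__":
    for line_no, tag, length in scan(SAMPLE):
        print(f"line {line_no}: {tag} candidate, {length} bytes (limit {LIMIT})")
```

Working on raw bytes keeps the length check independent of the file's text encoding, which matters for files saved in multi-byte encodings.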