Qualifier Challenge - NRFIN_00004


Original Versions

Known Vulnerabilities

  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • CWE-122 - Heap-based Buffer Overflow
  • CWE-125 - Out-of-bounds Read
  • CWEs are listed as indicated by the challenge author.

Scores

  • TECHx: 1.42
  • CodeJitsu: 0.7
  • Disekt: 0.0
  • Shellphish: 0.0
  • FuzzBOMB: 0.0
  • DeepRed: 0.0
  • The maximum score for each challenge in CQE is 4, following the CQE Scoring Document.

Passed consensus evaluation

Proved a POV in reference challenge

Defense against reference POVs

  • TECHx: 100.0% - CB1
  • CodeJitsu: 100.0% - CB1

No submission

  • Eighth Place Team
  • Eleventh Place Team
  • Fifth Place Team - Finalist
  • First Place Team - Finalist
  • Fourth Place Team - Finalist
  • Ninth Place Team
  • Second Place Team - Finalist
  • Seventh Place Team - Finalist
  • Sixth Place Team - Finalist
  • Tenth Place Team
  • Third Place Team - Finalist
  • Thirteenth Place Team
  • Twelfth Place Team

All Submissions

Author Information

"Ben Schmidt" info@narfindustries.com

DARPA performer group

Narf Industries (NRFIN)

Description

The HeartThrob group wants to bring the services its authors provide to the masses, and contracted out the construction of a new server application to do so. Now everyone can enjoy talking with their favorite historical writers!

Feature List

Talk with your favorite Romantic authors!

They're actually bots, but with our patented translation technology, you'll never know the difference.

Ask Elizabeth Barrett Browning to count the ways she loves you! Try to convince Edgar Allan Poe to speak to you! Ask John Keats to recite his poetry! Even get writing advice from Shakespeare himself!

All this and possibly more with the HeartThrob group's latest creation!

Vulnerability

There are multiple vulnerabilities in this CB:

  1) Memory leak via Shakespeare due to using the source buffer.
  2) BOF via Shakespeare replacing "has" with "hath".
  3) BOF via Edgar Allan Poe appending 'Quoth the Raven, "Nevermore."' when the string "Lenore" is in user input.
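The two overflows both come from output that grows relative to the input. The following is an added example, not code from the challenge binary: a bounds-checked translation routine in which the function names, the substring matching of "has", and the return convention are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define RAVEN "Quoth the Raven, \"Nevermore.\""

/* Append n bytes to dst at *pos; refuse if the terminator would not fit. */
static int put(char *dst, size_t cap, size_t *pos, const char *s, size_t n)
{
    if (n >= cap - *pos)              /* always keep one byte for '\0' */
        return -1;
    memcpy(dst + *pos, s, n);
    *pos += n;
    return 0;
}

/*
 * Hypothetical translate(): copies src into dst, replacing "has" with "hath"
 * (substring match, an assumption) and appending RAVEN when "Lenore" occurs.
 * Returns the output length, or -1 if the expanded text does not fit in cap
 * bytes; dst contents are unspecified on failure.
 */
long translate(char *dst, size_t cap, const char *src)
{
    size_t pos = 0;
    const char *p = src;

    if (cap == 0)
        return -1;
    while (*p) {
        int rc;
        if (strncmp(p, "has", 3) == 0) {
            rc = put(dst, cap, &pos, "hath", 4);   /* output grows by one */
            p += 3;
        } else {
            rc = put(dst, cap, &pos, p, 1);
            p += 1;
        }
        if (rc != 0)
            return -1;
    }
    /* The appended quote is another expansion the size check must cover. */
    if (strstr(src, "Lenore") &&
        put(dst, cap, &pos, RAVEN, sizeof RAVEN - 1) != 0)
        return -1;
    dst[pos] = '\0';
    return (long)pos;
}
```

An input that exactly fits the destination before translation can still exceed it afterwards, which is why the check is made on every write rather than once on the input length.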

Generic class of vulnerability

  • Buffer overflow
  • Memory disclosure

CWE classification

  • CWE-120: Buffer Overflow
  • CWE-122: Heap-Based Buffer Overflow
  • CWE-125: Out-of-bounds Read

Challenges

  • Finding and patching multiple vulnerabilities correctly. It is possible for patches to only partially fix each vulnerability.
  • Dealing with the large number of branches introduced by autogenerated trie code.
  • Reasoning about possibility of response expansion/contraction leading to buffer overflow / memory leakage.
  • Tracing control flow through function pointers.
  • Knowing Shakespeare was not a Romantic author.

Curated by Lunge Technology, LLC.