
Trigger Allocation and Overflow

Now it is time to allocate the vulnerable buffer. If the previous steps have gone as expected, the allocation for the vulnerable buffer will end up in one of the holes that we created, and we are ready for the overflow. The object of the overflow is to overwrite the pNI pointer in the ArrayStorage object that follows the vulnerable buffer. The new value should be an address in the sled for the shellcode. Details about the sled will be discussed below, but for now, note that a typical NOP sled is not appropriate here. After allocation and overflow, the heap should look as depicted in Figure 6.



jake 2008-07-14