...
Another possible vulnerability is the leak of privileged information. In the above example, suppose a user with high privilege feed some secret input into the caller, then caller will pass the info to foo. When doing static code analysis of foo interface, because no parameter is specifiedBecause the way function foo is defined, it is easy to assume there's no way that foo can retrieve info from caller. However, because the value of i is really passed into stack (before the return address of caller), a malicious programmer can change the internal implmentation and copy the value manually and contain it in a less privileged file.
...