Type Overflow

Last-modified: 2025-10-22 (Wed) 08:58:46

Type Overflow, technically known as State Controller's Type Buffer Overflow Attack, is a vulnerability in M.U.G.E.N 1.0 and higher that allows for arbitrary code execution at the time of character selection.

As part of the SuperNull exploit series, it is executed when a character is loaded during character selection, making it a good alternative to the StateDef Overflow vulnerability, as the latter is no longer functional in these engine builds.

Exploit Details

As implied by the vulnerability's technical name, it takes advantage of a buffer overflow in the State Controller's type parser. The parser's buffer is 256 bytes by default, and when a State Controller type line exceeds that size, the parser's return address is overwritten, which can result in arbitrary code execution.

Example of a State Controller with a flawed Type parameter that overflows the parser's buffer:

[StateDef 255]
[State Sample_Code]
Type = This is a stupidly long text string to overflow the State Controller's Type line: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000¨(Ÿk
Trigger1 = 0
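
A defensive check for the pattern shown above, as an added example that is not part of the original page or of any M.U.G.E.N tooling: it scans raw state-file bytes and flags Type lines whose value reaches the 256-byte buffer size stated above or is not a plain identifier. The function name, the identifier heuristic, the exact length threshold and the sample bytes are assumptions constructed for illustration.

```python
import re

TYPE_BUF_SIZE = 256  # parser buffer size as stated on the page
SECTION_RE = re.compile(rb"^\s*\[([^\]]*)\]")
TYPE_RE = re.compile(rb"^\s*type\s*=(.*)$", re.IGNORECASE)
# Assumption: a legitimate controller type is a short ASCII identifier.
IDENT_RE = re.compile(rb"[A-Za-z_][A-Za-z0-9_]*")


def scan_states(data, limit=TYPE_BUF_SIZE):
    """Return (line_no, section, value_len, reasons) for suspicious Type lines."""
    findings = []
    section = ""
    for line_no, raw in enumerate(data.splitlines(), start=1):
        header = SECTION_RE.match(raw)
        if header:
            section = header.group(1).decode("latin-1").strip()
            continue
        m = TYPE_RE.match(raw)
        if not m:
            continue
        value = m.group(1).strip()
        reasons = []
        # Length is measured before comment stripping: the page does not say
        # which the engine does first, so the longer figure is used.
        if len(value) >= limit:
            reasons.append("overlong")
        name = value.split(b";", 1)[0].strip()
        if not IDENT_RE.fullmatch(name):
            reasons.append("non-identifier")
        if reasons:
            findings.append((line_no, section, len(value), reasons))
    return findings


# Constructed sample: filler bytes only, not a working payload.
SAMPLE = b"\r\n".join([
    b"[Statedef 255]",
    b"type = S",
    b"[State Benign]",
    b"Type = Null ; does nothing",
    b"Trigger1 = 0",
    b"[State Sample_Code]",
    b"Type = " + b"0" * 300 + b"\xa8\x28",
    b"Trigger1 = 1",
])

if __name__ == "__main__":
    print(scan_states(SAMPLE))
```

Working on bytes rather than decoded text keeps the length check accurate when the value contains non-ASCII bytes, as the sample on this page does.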

NX Bit

As stated in the exploit series article, shellcode cannot be executed directly in the program because of the NX bit protection, so a ROP chain is required to make the shellcode executable before jumping to it.