Created
May 13, 2022 13:18
-
-
Save tonetheman/06fc42576692a8b404d13c53cc00e37f to your computer and use it in GitHub Desktop.
shows an overwrite in c (not enough space in the array greeting)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # needed to include the no-stack-protector to make gcc | |
| # be fast and loose with the stack | |
| junk : test.c | |
| gcc -o junk -g -fno-stack-protector test.c | |
| clean : | |
| rm -f ./junk | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| int main() { | |
| // Example 1: An array with not enough space? | |
| // step 1 | |
| // run this and enter ab for the greeting and everything is good | |
| // step 2 | |
| // run this and enter abc and one of the variables will be over written (on my computer) | |
| // step 3 | |
| // run this and enter abcd and BOTH! of the variables will be over written | |
| // step 4 | |
| // run this and enter a string of 12 or 13 characters and you will get a segmentation fault | |
| char a; | |
| char greeting[3]; | |
| char b; | |
| a = 0xff; | |
| b = 0xff; | |
| printf("value of a b before %d %d\n",a,b); | |
| printf("Enter a greeting: "); | |
| scanf("%s", greeting); | |
| printf("value of greeting is %s\n", greeting); | |
| printf("value of a b after %d %d\n",a,b); | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment