
Why doesn't buffer overflow occur with GCC?

I was just recently learning about buffer overflows. I was attempting to replicate it using GCC. Here's the code I wrote.

#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[])
{
    int value = 5;
    char buffer_one[8], buffer_two[8];

    strcpy(buffer_one, "one");
    strcpy(buffer_two, "two");

    printf("[BEFORE] buffer_two is at %p and contains %s\n", buffer_two, buffer_two);
    printf("[BEFORE] buffer_one is at %p and contains %s\n", buffer_one, buffer_one);
    printf("[BEFORE] value is at %p and contains %d\n\n", value, value);

    printf("[STRCPY] copying %d bytes into buffer_two\n\n", strlen(argv[1]));
    strcpy(buffer_two, argv[1]);

    printf("[BEFORE] buffer_two is at %p and contains %s\n", buffer_two, buffer_two);
    printf("[BEFORE] buffer_one is at %p and contains %s\n", buffer_one, buffer_one);
    printf("[BEFORE] value is at %p and contains %d\n\n", value, value);

    return 0;
}

Seems like it should work, right? Buffer_two and buffer_one are adjacent to each other in memory.

[BEFORE] buffer_two is at 0x7fff56ff2b68 and contains two
[BEFORE] buffer_one is at 0x7fff56ff2b70 and contains one
[BEFORE] value is at 0x5 and contains 5

However, shortly following this…

[STRCPY] copying 14 bytes into buffer_two

Abort trap: 6

How come C recognizes this? And how can some hackers execute more complex buffer overflows that actually work?

In your case, you've successfully produced a buffer overflow by attempting to write 14 chars in a memory region of 8 chars.

As soon as you write past the allocated memory, the behaviour goes undefined. So, the Abort message is there.

Related: undefined behaviour.

Why doesn't buffer overflow occur with GCC?

Well, it is happening in your case. That's why, as a side effect, you can see the Abort message.

What happens when a buffer overflow occurs is undefined. That means that anything might happen. For instance, demons may fly from your nose.

What happened here is that your program crashed. Rather boring.
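A bounds-checked version of the copy from the question, as an added example that is not part of the original posts: it refuses the 14-byte input instead of writing past the 8-byte buffer_two, so the behaviour stays defined and the neighbouring variables keep their contents. The helper names copy_checked and neighbours_intact and the sample input are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8  /* same size as buffer_one and buffer_two in the question */

/* Copy src into dst only if it fits, terminator included.
 * Returns 0 on success; returns -1 and leaves dst untouched otherwise. */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (dst_size == 0 || len >= dst_size)
        return -1;
    memcpy(dst, src, len + 1);
    return 0;
}

/* Same variables as the question. Sets *copied to 1 if the input was
 * accepted, and returns 1 if value and buffer_one are unchanged. */
int neighbours_intact(const char *input, int *copied)
{
    int value = 5;
    char buffer_one[BUF_SIZE], buffer_two[BUF_SIZE];

    strcpy(buffer_one, "one");
    strcpy(buffer_two, "two");

    *copied = (copy_checked(buffer_two, sizeof buffer_two, input) == 0);

    /* %p takes a pointer: pass &value, not value */
    printf("buffer_two is at %p and contains %s\n", (void *)buffer_two, buffer_two);
    printf("buffer_one is at %p and contains %s\n", (void *)buffer_one, buffer_one);
    printf("value is at %p and contains %d\n", (void *)&value, value);

    return value == 5 && strcmp(buffer_one, "one") == 0;
}

int main(int argc, char *argv[])
{
    /* constructed 14-byte sample input when no argument is given */
    const char *input = argc > 1 ? argv[1] : "12345678901234";
    int copied;
    int ok = neighbours_intact(input, &copied);

    printf("copied=%d neighbours_intact=%d (input length %zu)\n",
           copied, ok, strlen(input));
    return 0;
}
```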
