stack smashing error detected

Question

when i try the following snippet i am getting an error called stack smashing detected. what could be the reason for this potential bug? Can some one explain?

#include<stdio.h>
#include<unistd.h>
#include<sys/types.h>
int glob=88;
int main()
{
    int loc=2;
    pid_t pid=vfork();
    if(pid==0)
    {
        printf("Inside child");
        glob++;
        loc++;
        printf("%d %d" ,glob,loc);
    }
    else
    {
        printf("Inside parent");
        glob++;
        loc++;
        printf("%d %d",glob,loc);
    }
}

and the output when I run this code is like that

user018@sshell ~ $ gcc one.c
user018@sshell ~ $ ./a.out
Inside child89 3Inside parent90 945733057*** stack smashing detected ***: a.out
- terminated
a.out: stack smashing attack in function <unknown> - terminated
KILLED

Answer 1

From the Linux man page (and POSIX):

The vfork() function has the same effect as fork(2), except that the behavior is undefined if the process created by vfork() either modifies any data other than a variable of type pid_t used to store the return value from vfork(), or returns from the function in which vfork() was called, or calls any other function before successfully calling _exit(2) or one of the exec(3) family of functions.

You're modifying data and returning from the function in which vfork was invoked - both of these lead to undefined behavior. vfork is not equivalent to fork , the number of things you can do in a vfork d child are very, very limited. It should only be used in very specific circumstances, essentially when the only thing you need to do in the child is exec something else.

See your operating system's man page for the full details.

Answer 2

vfork() is used to create new processes without copying the page tables of the parent process. So you can't modify the variables in the child process because they are not there anymore. Use fork() instead.

One more thing, it's better to add a \\n to the end of printf() because stdout is line buffered by default.

Answer 3

1) I would definitely add a "return 0", since you declared "int main()".

2) If you wanted to disable the warning, use -fno-stack-protector in your compile line.

3) If you wanted to debug where the error is coming from, use "-g" in your compile line, and run the program from gdb (instead of running ./a.out).

My closest to "what's wrong" is this man page about vfork():

http://linux.die.net/man/3/vfork

The vfork() function shall be equivalent to fork(), except that the behavior is undefined if the process created by vfork() either modifies any data other than a variable of type pid_t used to store the return value from vfork(), or returns from the function in which vfork() was called, or calls any other function before successfully calling _exit() or one of the exec family of functions.

For Linux, just use "fork()", and I think you'll be happy :)