
Why no segmentation fault when strcpy() causes a buffer overflow?

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(void) {
    char *a = "aaaaaaaaaaaaaaaa";  /* 16 characters plus the terminating NUL */
    char b[1];                     /* room for one byte: only an empty string fits */
    strcpy(b, a);                  /* writes 17 bytes into a 1-byte buffer: overflow */
    printf("%s\n", b);
    return 0;
}

When running, it prints:

aaaaaaaaaaaaaaaa

If I make *a super long, for example, *a="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", then it will cause a segfault.

Why is there no overflow in the first case?

A segmentation fault happens when your program tries to access memory that doesn't belong to your program's virtual address space; this will not happen if you just overwrite a bit of stuff right after your original copy destination.

There is a buffer overflow; it just doesn't mean it will always cause a segmentation fault. It is undefined behaviour - there MAY be a segfault. It depends on what is "placed" right after your variable in memory.

Appearing to work, or, for that matter, not crashing, is a valid form of undefined behavior. Anything can happen when your program has UB. That's why it's highly undesirable.
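The point the answers make (the overflow still happens, it just lands on memory that is mapped, so you get silent corruption of whatever sits next to the buffer rather than a crash) can be made visible. The following is an added example, not code from the question or any of the answers: it places a 4-byte buffer immediately before a second array inside a struct (struct members are laid out in declaration order on gcc/clang, which this demo assumes), copies into it with strcpy exactly as the question does, and reports whether the neighbour was overwritten. The struct, the function names and the "secret" marker value are all inventions for the demo; the destination is passed through a volatile pointer so the compiler cannot see the buffer size and quietly turn the overflow into a fortified abort. A bounds-checked replacement for the unsafe copy follows it.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* A small destination buffer with a "neighbour" right after it, so we can
 * observe what the overflow does when the bytes it clobbers are still mapped:
 * no segfault, just silent corruption of whatever lives there.
 * Writing past 'buf' is still undefined behaviour; this layout merely makes
 * the usual outcome on gcc/clang observable. */
struct frame {
    char buf[4];
    char neighbour[16];
};

/* Unsafe copy, as in the question. Returns true if the neighbour was
 * modified, i.e. the overflow happened and was observable without a crash.
 * Inputs of up to 3 characters fit (3 bytes + NUL); anything longer spills
 * into 'neighbour'. Inputs longer than 19 characters would run off the end
 * of the struct itself and are not exercised here. */
bool overflow_corrupts_neighbour(const char *src) {
    struct frame f;
    memset(&f, 0, sizeof f);
    strcpy(f.neighbour, "secret");   /* marker value we expect to survive */
    char *volatile dst = f.buf;      /* hides the destination size from the compiler */
    strcpy(dst, src);                /* overflows buf if strlen(src) >= sizeof f.buf */
    return strcmp(f.neighbour, "secret") != 0;
}

/* Hardened copy: refuse input that does not fit, NUL terminator included.
 * Returns 0 on success, -1 if src is too long for dst; on failure dst is set
 * to the empty string so it is always a valid C string afterwards. */
int safe_copy(char *dst, size_t dst_size, const char *src) {
    if (dst_size == 0) return -1;
    size_t n = 0;
    while (n < dst_size && src[n] != '\0') n++;   /* never scan past dst_size */
    if (n == dst_size) {                          /* no room for the NUL */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

int main(void) {
    printf("3 chars into buf[4] corrupts neighbour?  %d\n",
           overflow_corrupts_neighbour("aaa"));
    printf("16 chars into buf[4] corrupts neighbour? %d\n",
           overflow_corrupts_neighbour("aaaaaaaaaaaaaaaa"));

    char out[4];
    int rc = safe_copy(out, sizeof out, "aaa");
    printf("safe_copy(\"aaa\")     -> %d, out=\"%s\"\n", rc, out);
    rc = safe_copy(out, sizeof out, "aaaaaaaaaaaaaaaa");
    printf("safe_copy(16 a's)    -> %d, out=\"%s\"\n", rc, out);
    return 0;
}
```

The second strcpy never touches memory outside the struct, which is why it runs to completion: 17 bytes go into a 20-byte object, and the only casualty is the marker string. Make the input long enough to run past the end of the stack frame and you hit whatever is next (a saved return address, a stack-protector canary, eventually an unmapped page), which is the point at which the symptom changes from "looks fine" to an abort or a segfault. The bounds-checked copy avoids the whole question by refusing input that does not fit instead of trusting the caller's buffer to be big enough.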

粤ICP备18138465号  © 2020-2024 STACKOOM.COM