I'm reading a book about buffer overflows and shellcode, and in the book there is this code below.
I understand most of it except the purpose of buffer = command + strlen(command);.
When I use memset() on the buffer, doesn't it overwrite what I stored there previously with command + strlen(command)? Can someone clarify it for me?
When one of the operands of + is a pointer, then C does pointer arithmetic.
The result of pointer + number is a pointer value that points to the value with index number. It is equivalent to &pointer[number].
So, in this case:
buffer = command + strlen(command);
is equivalent to
buffer = &command[strlen(command)];
So buffer will point to the string terminator in command, which is just the right place if you want to concatenate something to the command string.
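The pointer arithmetic described in the answer, as an added example that is not the book's code or part of the original posts: it shows that memset() writes to the memory buffer points at, starting at the terminator, and leaves the earlier part of command untouched. The function names, the "./prog '" prefix and the 64-byte capacity are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Append `count` copies of `fill` to the string in `command` (capacity `cap`).
 * Returns the address where the appended bytes start, or NULL if the data
 * plus a terminator would not fit in the allocation. */
char *append_fill(char *command, size_t cap, int fill, size_t count)
{
    size_t used = strlen(command);
    if (used >= cap || count > cap - used - 1)
        return NULL;                 /* refuse to write past the buffer */

    char *buffer = command + used;   /* same address as &command[used] */
    memset(buffer, fill, count);     /* writes through buffer; the pointer
                                        value itself is not modified */
    buffer[count] = '\0';            /* re-terminate the longer string */
    return buffer;
}

/* Constructed demo; returns 1 when every property described above holds. */
int demo(void)
{
    const char *prefix = "./prog '";         /* hypothetical command prefix */
    size_t cap = 64;                          /* hypothetical capacity */
    char *command = calloc(cap, 1);
    if (command == NULL)
        return 0;
    strcpy(command, prefix);
    size_t prefix_len = strlen(command);

    char *buffer = append_fill(command, cap, 'A', 10);
    int ok = buffer == &command[prefix_len]              /* points at old '\0' */
          && strncmp(command, prefix, prefix_len) == 0   /* prefix intact */
          && strcmp(buffer, "AAAAAAAAAA") == 0           /* appended bytes */
          && strlen(command) == prefix_len + 10
          && append_fill(command, cap, 'B', cap) == NULL; /* oversize refused */

    if (ok)
        printf("command = %s\nappend offset = %zu\n", command, prefix_len);
    free(command);
    return ok;
}

int main(void)
{
    return demo() ? 0 : 1;
}
```

The length check is the part a memset() call on its own does not give you: without it, a count larger than the remaining space writes past the end of the allocation.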