以下代碼顯示分段錯誤
[英]following code showing segmentation fault
問題描述
為什么以下代碼顯示分段錯誤?
int CreateRawSocket(int protocol_to_sniff)
{
int rawsock;
if((rawsock = socket(PF_PACKET, SOCK_RAW, htons(protocol_to_sniff)))== -1)
{
perror("Error creating raw socket: ");
exit(-1);
}
return rawsock;
}
int BindRawSocketToInterface(char *device, int rawsock, int protocol)
{
struct sockaddr_ll sll;
struct ifreq ifr;
bzero(&sll, sizeof(sll));
bzero(&ifr,sizeof(ifr));
/* First Get the Interface Index */
char *t=(char*)ifr.ifr_name;
strncpy(t, device, 1024);
if((ioctl(rawsock, SIOCGIFINDEX, &ifr)) == -1)
{
printf("Error getting Interface index !\n");
exit(-1);
}
/* Bind our raw socket to this interface */
sll.sll_family = AF_PACKET;
sll.sll_ifindex = ifr.ifr_ifindex;
sll.sll_protocol = htons(protocol);
if((bind(rawsock, (struct sockaddr *)&sll, sizeof(sll)))== -1)
{
perror("Error binding raw socket to interface\n");
exit(-1);
}
return 1;
}
void PrintPacketInHex(unsigned char *packet, int len)
{
unsigned char *p = packet;
printf("\n\n---------Packet---Starts----\n\n");
while(len--)
{
printf("%.2x ", *p);
p++;
}
printf("\n\n--------Packet---Ends-----\n\n");
}
main(int argc, char **argv)
{
int raw;
unsigned char packet_buffer[2048];
int len;
int packets_to_sniff;
struct sockaddr_ll packet_info;
int packet_info_size = sizeof(packet_info);
/* create the raw socket */
raw = CreateRawSocket(ETH_P_IP);
/* Bind socket to interface */
BindRawSocketToInterface(argv[1], raw, ETH_P_IP);
/* Get number of packets to sniff from user */
packets_to_sniff = atoi(argv[2]);
/* Start Sniffing and print Hex of every packet */
while(packets_to_sniff--)
{
if((len = recvfrom(raw, packet_buffer, 2048, 0, (struct sockaddr*)&packet_info, &packet_info_size)) == -1)
{
perror("Recv from returned -1: ");
exit(-1);
}
else
{
/* Packet has been received successfully !! */
PrintPacketInHex(packet_buffer, len);
}
}
return 0;
}
2 個解決方案
解決方案1
1 2010-11-11 14:04:20
當您沒有提供足夠的命令行參數而未檢查argc時,就會發生內存沖突。
解決方案2
1 已采納 2010-11-11 19:03:43
崩潰是由例程BindRawSocketToInterface中的以下行引起的:
strncpy(t, device, 1024);
在這里,您已要求strncpy將1024個字節寫入char *t 。 請注意, strncpy使用指定數量的空字節strncpy目標字符串 ,請參見man strncpy 。
但是t指向的數組還不夠大,即ifr.ifr_name[IFNAMSIZ] 。 在我的Linux系統上, IFNAMSIZ只有16。因此, strncpy溢出並IFNAMSIZ了它不應該占用的內存。
如下更改strncpy參數以匹配數組的正確大小可修復崩潰:
strncpy(t, device, IFNAMSIZ);
每當我在表達式中輸入括號時,以下代碼為什么顯示分段錯誤?
[英]Why is the following code showing segmentation fault whenever I input parantheses in the expression?
分段錯誤的原因與使用以下C代碼返回隨機值
[英]Reason for Segmentation fault vs returning random values with the following C code
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.