Why is there no buffer overflow in GCC?
I recently learned about a buffer overflow. I tried to copy it using GCC. Here is the code I wrote.
#include <stdio.h>
#include <string.h>
int main(int argc, char *argv[])
{
int value = 5;
char buffer_one[8], buffer_two[8];
strcpy(buffer_one, "one");
strcpy(buffer_two, "two");
printf("[BEFORE] buffer_two is at %p and contains %s\n", buffer_two, buffer_two);
printf("[BEFORE] buffer_one is at %p and contains %s\n", buffer_one, buffer_one);
printf("[BEFORE] value is at %p and contains %d\n\n", value, value);
printf("[STRCPY] copying %d bytes into buffer_two\n\n", strlen(argv[1]));
strcpy(buffer_two, argv[1]);
printf("[BEFORE] buffer_two is at %p and contains %s\n", buffer_two, buffer_two);
printf("[BEFORE] buffer_one is at %p and contains %s\n", buffer_one, buffer_one);
printf("[BEFORE] value is at %p and contains %d\n\n", value, value);
return 0;
}
It seems like it should work, right? Buffer_two and buffer_one are adjacent to each other in memory.
[BEFORE] buffer_two is at 0x7fff56ff2b68 and contains two
[BEFORE] buffer_one is at 0x7fff56ff2b70 and contains one
[BEFORE] value is at 0x5 and contains 5
However, shortly thereafter ...
[STRCPY] copying 14 bytes into buffer_two
Abort trap: 6
Why does C recognize this? And how can some hackers perform more complex buffer overflows that actually work?
source to share
In your case, you have successfully created a buffer overflow by trying to write 14
char
to the memory area 8
char
s.
Once you write the allocated memory, the behavior is undefined. So the message Abort
is there.
Related: undefined behavior .
source to share
What happens on a buffer overflow is undefined . This means that anything can happen. For example, demons can fly from your nose .
What happened here is that your program crashed. Rather boring.
source to share