/*
* this demonstrates a consequence of failing to check the length of the input string:
* if you enter more than 24 characters, the buffer input will overflow, changing
* the value in either above or below (depending on how the computer works); it
* may also cause a crash
*
* this differs from bad.c as it prints values *before* input as well as after
*
* NOTE: buffer overflow causes an abort if compiled with gcc
* to demonstrate what happens, use -fno-stack-protector
*
* Matt Bishop, ECS 36A
* May 28, 2024 from a buffer overflow program
*/
#include <stdio.h>
/*
 * Explicit prototype for gets(): gcc gives a warning if this isn't here.
 * gets() was removed from the C standard in C11, so <stdio.h> may not
 * declare it. It takes no buffer size, so it cannot bound what it writes;
 * it is used here only to demonstrate the overflow.
 */
char *gets(char *);
/*
 * Demonstration driver: prints two integers declared on either side of a
 * 24-byte buffer, reads one line into the buffer with the unbounded gets(),
 * then prints the integers again so that any change caused by an overflow
 * is visible.
 *
 * Returns 0 after printing both lines, or 1 if gets() returns NULL.
 *
 * NOTE(review): once the input overruns the buffer, the behavior is
 * undefined; what the second printf shows (or whether it is reached at all)
 * depends on the compiler, its options and the platform.
 */
int main(void)
{
    /*
     * "before"/"after" describe declaration order only; where the compiler
     * actually places these objects relative to input[] is its own choice.
     */
    int above = 100; /* before the buffer */
    char input[24]; /* the input buffer */
    int below = 200; /* after the buffer */
    /* print the values of the variables surrounding the buffer */
    /* %#010x: hex with a 0x prefix, zero-padded to 10 columns (100 -> 0x00000064) */
    printf("BEFORE INPUT: above = %#010x; below = %#010x\n", above, below);
    /*
     * read the input
     *
     * gets() has no length argument, so nothing limits the write to the
     * 24 bytes of input[]. It also stores a terminating '\0' after the
     * characters read, so a line of exactly 24 characters already writes
     * one byte past the end of the array.
     * Outside of a demonstration, a bounded read such as
     * fgets(input, sizeof input, stdin) is the usual replacement.
     */
    if (gets(input) == NULL){
        fprintf(stderr, "Unexpected EOF\n");
        return(1);
    }
    /*
     * print out result; on buffer overflow, above or below may
     * change (or both, depending on where the compiler puts them)
     */
    printf(" AFTER INPUT: above = %#010x; below = %#010x\n", above, below);
    /* that's it! */
    return(0);
}