1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

stack overflow failure

Discussion in 'C' started by k0der, Jun 1, 2009.

  1. k0der

    k0der New Member

    hello,
    i want to intentionally bypass the statement
    x=1;
    in the below program.but was unable to do.
    i am using gcc and gdb on fedora 8 linux on AMD64 machine.
    what i am getting is just segmentation fault.
    please put some points how to do that.
    thanks. :)



    Code:
    /*.................         This program writes bypass a particular statement by process stack  overflow and return to the statement pass x=1 tp printf.... */
    
    
    // Status: still does not work
    
    #include<stdio.h>
    function(int a, int b, int c) 
    {
       char buffer1[5];
       char buffer2[10];
       int *ret;
    
       ret = buffer1 + 12;   // reaching at the ret statement; i.e. return address i.e. saved IP value before coming to function()
       (*ret) += 12;   //overwriting the IP value to past x=1;to know disassemble the main in gdb and count hw much to add hr(12)
    }
    
    int main()
     {
      int x;
    
      x = 0;
      function(1,2,3);
      x = 1;            //this statement is to be skipped by overflow
      printf("%d\n",x);
    }
     
    Last edited by a moderator: Jun 1, 2009
  2. xpi0t0s

    xpi0t0s Mentor

    This won't work if your calling convention is cdecl because the caller cleans up the stack, so by skipping the x=1 statement you also skip the stack cleanup code and thus leak stack memory (stack memory, which is more severe than heap memory cos there's usually a lot less).
    This shouldn't cause a crash though, so what you'll need to do is to step through the code at the assembler level to find out where it's going wrong. Probably your calculations are off by a few.

    A better solution is to return a value and let the caller decide what to do, e.g.
    Code:
    if (function(1,2,3))
      x=1;
    
    so x=1 is skipped if function() returns zero.
     
  3. k0der

    k0der New Member

    i can skip the statement x=1,but i wanted to do it through stack overflow.I am using linux machine with AMD64 processor..i going through all the gibberish in assembly level.i am using gcc and gdb.i am off but how much i am not able to determine.
    thanks for help anyways. :)
     

Share This Page