发表新帖
发表新帖

Buffer Overflow not happened

后端 未结
关注
2 1569
无人及你
无人及你 2020-12-22 14:25

I tried this sample c code:

int main()
{
    int array[5];
    int i;

    for (i = 0; i <= 255; i++)
    {
        array[i] = 10;
    }
}
相关标签:
2条回答
  • 一生所求
    2020-12-22 14:35

    Try: 

    sudo echo 0 > /proc/sys/kernel/randomize_va_space

    And compile again like this:

    gcc buffer2.c -o buffer2 -fno-stack-protector
    0 讨论(0)
  • 感动是毒
    2020-12-22 14:37

    There's no runtime bounds checking in C. Writing to elements outside the bounds of an array is undefined behavior. Undefined behavior means that anything can happen as far as the standard is concerned. So, although a segmentation fault is fairly likely, it's by no means guaranteed.

    Just because there wasn't a segmentation fault doesn't mean there wasn't a buffer overflow. There definitely was. It just didn't result in a segmentation fault this time. This type of error is serious and can cause a number of security problems. The moral of the story is don't cause a buffer overflow, ever. It's not safe, and you can't rely on C to protect you.

    0 讨论(0)
 看不清?
提交回复
热议问题