Given below is a small program that demonstrates smashing the stack (a stack buffer overflow) on Ubuntu Linux. The buffer is deliberately set to 10 bytes, which is very small, and the input is copied into it without any error checking.
#include <stdio.h>
#include <string.h>

/* Stack smashing example */
void echoinput(char *userinput)
{
    char buffer[10];            /* room for 9 characters plus the NUL */

    strcpy(buffer, userinput);  /* deliberately unchecked copy */
    printf("\n\n%s\n\n", buffer);
}

int main(int argc, char **argv)
{
    echoinput(argv[1]);         /* deliberately no argument check */
    return 0;
}
$ ./tst3 123456789 (The values are within buffer limits. Hence no overflow.)
$ ./tst3 1234567891011 (Values out of buffer limits, there is a buffer overflow.)
1234567891011
*** stack smashing detected ***: ./tst3 terminated
Aborted (core dumped)
Ubuntu Linux provides a very informative message, *** stack smashing detected ***, when the overflow happens. The message is helpful because it points programmers to look at their buffer values.
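A bounds-checked counterpart to echoinput(), as an added example that is not part of the original post: it keeps the 10-byte buffer but rejects a missing argument or any input that does not fit together with its terminating NUL. The names bounded_copy, echoinput_checked and copy_status are introduced here for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUFSZ 10   /* same size as the buffer in the post */

/* Hypothetical status codes for this example */
enum copy_status { COPY_OK = 0, COPY_NULL = -1, COPY_TOO_LONG = -2 };

/* Copy src into dst only if it fits, terminator included.
 * Rejects instead of truncating, so the caller never gets a partial string. */
enum copy_status bounded_copy(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || dstsz == 0 || src == NULL)
        return COPY_NULL;

    /* Look for the NUL within the first dstsz bytes only */
    const char *end = memchr(src, '\0', dstsz);
    if (end == NULL) {          /* no terminator in range: input too long */
        dst[0] = '\0';
        return COPY_TOO_LONG;
    }
    memcpy(dst, src, (size_t)(end - src) + 1);  /* +1 copies the NUL */
    return COPY_OK;
}

/* Checked version of echoinput(): returns 0 on success, <0 on rejection */
int echoinput_checked(const char *userinput)
{
    char buffer[BUFSZ];
    enum copy_status st = bounded_copy(buffer, sizeof buffer, userinput);

    if (st != COPY_OK) {
        fprintf(stderr, "input rejected: %s\n",
                st == COPY_NULL ? "missing argument"
                                : "longer than 9 characters");
        return st;
    }
    printf("\n\n%s\n\n", buffer);
    return 0;
}

int main(int argc, char **argv)
{
    /* argv[1] is NULL when no argument is given; that case is rejected too */
    return echoinput_checked(argc > 1 ? argv[1] : NULL) == 0 ? 0 : 1;
}
```

With the two inputs from the post, 123456789 is echoed and 1234567891011 is rejected with a non-zero exit status before anything is written to the buffer.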
Tuesday, March 4, 2014
Buffer Overflow or Smashing the stack in C