首页 > 其他分享> > c – 为什么GCC没有发生缓冲区溢出？

c – 为什么GCC没有发生缓冲区溢出？

2019-08-24 17:07:19 作者：互联网

我刚刚学习缓冲区溢出.我试图使用GCC复制它.这是我写的代码.

#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[])
{
    int value = 5;
    char buffer_one[8], buffer_two[8];

    strcpy(buffer_one, "one");
    strcpy(buffer_two, "two");

    printf("[BEFORE] buffer_two is at %p and contains %s\n", buffer_two, buffer_two);
    printf("[BEFORE] buffer_one is at %p and contains %s\n", buffer_one, buffer_one);
    printf("[BEFORE] value is at %p and contains %d\n\n", value, value);

    printf("[STRCPY] copying %d bytes into buffer_two\n\n", strlen(argv[1]));
    strcpy(buffer_two, argv[1]);

    printf("[BEFORE] buffer_two is at %p and contains %s\n", buffer_two, buffer_two);
    printf("[BEFORE] buffer_one is at %p and contains %s\n", buffer_one, buffer_one);
    printf("[BEFORE] value is at %p and contains %d\n\n", value, value);

    return 0;
}

好像它应该工作,对吗？ Buffer_two和buffer_one在内存中彼此相邻.

[BEFORE] buffer_two is at 0x7fff56ff2b68 and contains two
[BEFORE] buffer_one is at 0x7fff56ff2b70 and contains one
[BEFORE] value is at 0x5 and contains 5

然而,在此之后不久……

[STRCPY] copying 14 bytes into buffer_two

Abort trap: 6

C怎么认识到这个？一些黑客如何执行实际工作的更复杂的缓冲区溢出？

解决方法:

在您的情况下,您通过尝试在8个字符的内存区域中写入14个字符,成功地产生了缓冲区溢出.

一旦您写入已分配的内存,行为将不确定.所以,Abort消息就在那里.