Skip to content

Instantly share code, notes, and snippets.

@0xabad1dea
Last active December 17, 2015 14:59
  • Star 16 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save 0xabad1dea/5628766 to your computer and use it in GitHub Desktop.
A deceitful C program
// hello clever programmers, would you like to play a game?
// where's the bug?
// by 0xabad1dea :)
#include <stdio.h>
#include <string.h>
int main() {
char input[16] = "stringstring!!!";
char output[8];
//so this will leave it not terminated//
strncpy(output, input, 8);
//but this will fix it right??/
output[7] = '\0';
//so what happens here?//
printf("%s\n", output);
return 0;
}
// HINT: the behavior of this program depends on whether your
// compiler has turned ON or OFF a certain genuine ANSI C feature!
// also, modern stack protectors will keep this from being
// usefully exploitable, but that's besides the point
@axiomsofchoice
Copy link

@0xabad1dea
Copy link
Author

@axiomsofchoice Whoa spoiler alert :p

@SlaunchaMan
Copy link

Whoa.

@oleganza
Copy link

Nice.

@glug
Copy link

glug commented May 24, 2013

Saw it immediately, ran into something similar before...

Note: Try to find the bug before compiling (gcc will output a warning).

@danmcd
Copy link

danmcd commented Mar 17, 2014

Fercryinoutloud. I'm having flashbacks to C/400 for the AS/400. My introduction to trigraphs, and the only time I found more bugs in the compiler than the code I was testing.

@iljavs
Copy link

iljavs commented Mar 18, 2014

I've never actually seen trigraphs being used anywhere. interesting code sample none the less though.

@thethomaseffect
Copy link

Cool, thanks for this!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment