Created
December 31, 2017 15:19
-
-
Save artem-smotrakov/9638c9a39e6968f19481d8ccf67aef5a to your computer and use it in GitHub Desktop.
An example of global buffer overflow, see more on https://blog.gypsyengineer.com/fun/security/global-buffer-overflows.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| char buffer[16]; | |
| int main(int argc, char **argv) { | |
| if(argc < 2) { | |
| printf("no parameters specified\n"); | |
| exit(-1); | |
| } | |
| char* allocated = malloc(32); | |
| strcpy(allocated, "test"); | |
| printf("buffer address = %p\n", buffer); | |
| printf("allocated address = %p\n", allocated); | |
| printf("allocated address - buffer address = %lu\n", allocated - buffer); | |
| printf("allocated (before) = %s\n", allocated); | |
| // global buffer overflow may occur here | |
| // if argv[1] has more than 16 symbols | |
| strcpy(buffer, argv[1]); | |
| printf("allocated (after) = %s\n", allocated); | |
| free(allocated); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment