[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Overflow Bug

From: Pierre Gaston
Subject: Re: Overflow Bug
Date: Fri, 13 Jul 2012 08:53:25 +0300

On Thu, Jul 12, 2012 at 8:09 PM, Ernesto Messina
<address@hidden> wrote:
> Hello, I think I found an overflow bug. I got the follow C program:
> #include <stdio.h>
> #include <string.h>
> int main(int argc, char *argv[])
> {
>     char a[10];
>     int i;
>     strcpy(a, argv[1]);
>   return 0;
> }
> Compiling with: gcc program.c -o program
> And running: program `perl -e 'print "a" x 24'`
> The terminal loses the control, entering into a infinite buckle, and

bash is not the terminal and is not involved once the program runs,
and yes, writing buggy programs can cause buggy behaviour. On this
system man strcpy says under BUGS:

       If the destination string of a strcpy() is not large enough, then  any‐
       thing  might  happen.   Overflowing  fixed-length  string  buffers is a
       favorite cracker technique for taking complete control of the  machine.

PS: "infinite loop" not "infinite buckle"

reply via email to

[Prev in Thread] Current Thread [Next in Thread]