
Thread: buffer overflow

  1. #11
    Custom User
    Join Date
    Oct 2001
    Posts
    503
    You know how we were talking about a return address from a function? Basically, you put your own code (can do anything you want it to do) into the memory and get its memory address. Then you do a buffer overflow and when you get to the return address "field", instead of putting crap in it, you put in the memory address of the code that you put into the memory yourself.

    This code can do whatever you want it to do, such as start a shell (quite a common one). But that's only an example.

    ac

  2. #12

    Thanks for the explanation
    -n6

  3. #13
    Senior Member
    Join Date
    Oct 2001
    Posts
    872
    By: FallenZer0
    But, a person with a little bit of common sense would think, why doesn't the input get truncated if the user types more characters than were defined, instead of an overflow or a crash?
    I think the answers you got to this question were just too long. Basically, if you want the input to get truncated you, the coder, have to implicitly code something that will truncate input.

    Thus one of the reasons behind fgets().

    Code:
    #include <stdio.h>

    int main(void) {
        char name[10];   /* fgets fills a char buffer, never more than sizeof name - 1 characters plus the NUL */

        //gets(name);    /* gets() has no length limit: a long line overflows name */
        fgets(name, sizeof name, stdin);   /* bounded read: the rest of a long line stays in stdin */
        printf("%s\n", name);

        return 0;
    }
    ...This Space For Rent.

    -[WebCarnage]
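As an added example (not code from the thread), here is what the fgets() truncation looks like in practice and the part the snippet above leaves out: the caller can tell whether the line fit, and the unread remainder of a too-long line is drained so the next read does not pick up leftovers. The names read_name, demo and NAME_LEN are mine, and a tmpfile() filled with constructed input stands in for stdin.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 10   /* same buffer size as the thread's example */

/* Read one line from 'in' into a NAME_LEN buffer with fgets().
   Returns 1 if the whole line fit, 0 if it was truncated. On truncation
   the rest of the line is discarded so the next call starts on a fresh line. */
int read_name(FILE *in, char name[NAME_LEN]) {
    if (fgets(name, NAME_LEN, in) == NULL) {
        name[0] = '\0';           /* EOF or read error: leave an empty string */
        return 0;
    }
    size_t len = strlen(name);
    if (len > 0 && name[len - 1] == '\n') {
        name[len - 1] = '\0';     /* fgets keeps the newline; strip it */
        return 1;
    }
    /* No newline: either the buffer filled up or the stream ended exactly at
       the end of the line. Drain whatever is left of this line. */
    int c, truncated = 0;
    while ((c = fgetc(in)) != EOF && c != '\n')
        truncated = 1;
    return !truncated;
}

/* Demonstration on constructed input: a short line, a line far longer than
   the buffer, and another short line that must not be polluted by the
   remainder of the long one. Returns 1 if all three reads behave as expected. */
int demo(void) {
    static const char input[] = "abc\nthis_line_is_far_too_long\nxyz\n";
    FILE *in = tmpfile();         /* stand-in for stdin, ISO C only */
    if (in == NULL) return 0;
    fputs(input, in);
    rewind(in);

    char name[NAME_LEN];
    int fit1 = read_name(in, name);                    /* "abc", fit */
    int ok1 = fit1 && strcmp(name, "abc") == 0;
    int fit2 = read_name(in, name);                    /* "this_line", truncated */
    int ok2 = !fit2 && strcmp(name, "this_line") == 0;
    int fit3 = read_name(in, name);                    /* "xyz", fit, no stale bytes */
    int ok3 = fit3 && strcmp(name, "xyz") == 0;
    fclose(in);
    return ok1 && ok2 && ok3;
}
```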
