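As part of my assignment, I have to demonstrate a stack overflow on my Linux box.
My box configuration: OS: Ubuntu 13.04
GCC version: 4.6.3
I tried compiling the program with the -fno-stack-protector flag. The program compiled successfully, but when I trigger the stack overflow I get a Segmentation fault error. How can I show the actual o/p? Buffer overflow program: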
#include <stdio.h>
#include <string.h>

int main(int argc, char **argv)
{
    int authentication = 0;
    char cUsername[10], cPassword[10];

    /* unbounded copies: the length of argv[1] and argv[2] is never checked */
    strcpy(cUsername, argv[1]);
    strcpy(cPassword, argv[2]);
    if (strcmp(cUsername, "admin") == 0 && strcmp(cPassword, "adminpass") == 0)
    {
        authentication = 1;
    }
    if (authentication)
    {
        printf("Access granted");
    }
    else
    {
        printf("Wrong username and password");
    }
    return 0;
}
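If I give an input like AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA then it should show Access granted, but now it shows a segmentation fault.
Answer 0: (score: 2)
This is what happens with my C compiler if you launch the program with the following arguments: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA B: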
#include <stdio.h>
#include <string.h>

int main(int argc, char **argv)
{
    int authentication = 0;
    char cUsername[10], cPassword[10];

    strcpy(cUsername, argv[1]);
    // now cUsername contains "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
    // and authentication contains "0x41414141" because it has been overwritten because of the
    // buffer overflow of cUsername
    strcpy(cPassword, argv[2]);
    // now cPassword contains "B"
    if (strcmp(cUsername, "admin") == 0 && strcmp(cPassword, "adminpass") == 0)
    {
        // strings are different so we don't get here
        authentication = 1;
    }
    if (authentication)
    {
        // authentication still contains 0x41414141 therefore we get here
        printf("Access granted");
    }
    else
    {
        printf("Wrong username and password");
    }
    // here we will get a segmentation fault, because the return address which is on the
    // stack will have been overwritten with 0x41414141 which is most probably an
    // invalid address
    return 0;
}
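By the way, your code would be much easier to read if you formatted it properly.
Important
Depending on your system, "Access granted" may not be printed: if output is buffered, the output buffer is usually flushed after returning from the main function, and because the program segfaults before that, the output buffer is never flushed and the message is never displayed. Try adding a \n at the end of the "Access granted" string.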
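For comparison with the program discussed above, here is a hardened form of the same login check. It is an added example, not part of the original question or answer. The helper names `copy_bounded` and `check_login` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 10  /* same buffer size as the program in the question */

/* Hypothetical helper: copy src into dst only if it fits with its NUL.
 * Returns 0 on success, -1 if src would have been truncated. */
static int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    int n = snprintf(dst, dst_size, "%s", src);
    return (n < 0 || (size_t)n >= dst_size) ? -1 : 0;
}

/* Hypothetical helper: returns 1 only for the expected credentials.
 * Over-long or missing input is rejected before any comparison. */
int check_login(const char *user, const char *pass)
{
    char cUsername[FIELD_MAX], cPassword[FIELD_MAX];

    if (user == NULL || pass == NULL)
        return 0;
    if (copy_bounded(cUsername, sizeof cUsername, user) != 0 ||
        copy_bounded(cPassword, sizeof cPassword, pass) != 0)
        return 0;
    /* The result comes straight from the comparison, not from a flag
     * stored next to the buffers. */
    return strcmp(cUsername, "admin") == 0 &&
           strcmp(cPassword, "adminpass") == 0;
}

int main(int argc, char **argv)
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s <username> <password>\n", argv[0]);
        return 2;
    }
    int ok = check_login(argv[1], argv[2]);
    /* Newline plus explicit flush: the message is written out even if
     * the process were to die later. */
    printf("%s\n", ok ? "Access granted" : "Wrong username and password");
    fflush(stdout);
    return ok ? 0 : 1;
}
```

Building this without -fno-stack-protector keeps the compiler's stack canary as a second layer of protection behind the length check.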