I am confused about how file holes work on Linux:
int fd = open("/tmp/file1", O_RDWR | O_TRUNC);
write(fd, "bbbb", 4);
lseek(fd, SEEK_SET, 10000);
write(fd, "aaaa", 4);
lseek(fd, SEEK_SET, 50);
write(fd, "cccc", 4);
close(fd);
Why does cat /tmp/file1 produce
bbbbaaaacccc
? Shouldn't it be bbbcccaaa, since aaaa is written at offset 10000?
Update: lseek returns -1 with EINVAL.
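Answer 0 (score: 3)
Because "Are you sure lseek succeeds in all calls? You don't check its result code." helped identify the problem, I would like to add this after the file system calls: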
off_t res = lseek(fd, 10000, SEEK_SET); /* lseek returns off_t, (off_t)-1 on error */
if (res == (off_t)-1) {
    perror("lseek has failed");
    return 1;
}
The problem is that you pass the parameters in the wrong order:
lseek(fd, SEEK_SET, 10000); /* WRONG order for second and third parameters! */
The correct order:
lseek(fd, 10000, SEEK_SET);
Here is man lseek:
off_t lseek(int fd, off_t offset, int whence);
The lseek() function repositions the file offset of the open file
description associated with the file descriptor fd to the argument
offset according to the directive whence as follows:
SEEK_SET
The file offset is set to offset bytes.
SEEK_CUR
The file offset is set to its current location plus offset bytes.
SEEK_END
The file offset is set to the size of the file plus offset
bytes.
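An added example, not part of the original question or answer: it runs the swapped call from the question to capture the errno it sets, then repeats the three writes with offset and whence in the right order and reads back the data and the hole. The scratch file name and the helper names (open_scratch, write_at, swapped_lseek_errno, build_holey_file) are assumptions made for this example.

```c
#define _XOPEN_SOURCE 700            /* for mkstemp() and pread() */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Scratch file, unlinked at once. The name is constructed for this example. */
static int open_scratch(void) {
    char path[] = "/tmp/hole-demo-XXXXXX";
    int fd = mkstemp(path);
    if (fd != -1) unlink(path);
    return fd;
}

/* Checked seek + 4-byte write: 0 on success, -1 on any failure. */
static int write_at(int fd, off_t off, const char *s) {
    if (lseek(fd, off, SEEK_SET) == (off_t)-1) { perror("lseek"); return -1; }
    return write(fd, s, 4) == 4 ? 0 : -1;
}

/* errno set by the question's swapped call (whence = 10000); 0 if it succeeds. */
int swapped_lseek_errno(void) {
    int fd = open_scratch(), err = 0;
    if (fd == -1) return -1;
    if (lseek(fd, SEEK_SET, 10000) == (off_t)-1) err = errno;
    close(fd);
    return err;
}

/* The question's three writes with offset and whence in the right order.
 * Returns the file size (-1 on error); at50 and in_hole receive the 4 bytes
 * read back at offset 50 and at offset 5000, which lies inside the hole. */
long build_holey_file(char at50[4], char in_hole[4]) {
    struct stat st;
    long size = -1;
    int fd = open_scratch();
    if (fd == -1) return -1;
    if (write_at(fd, 0, "bbbb") == 0 && write_at(fd, 10000, "aaaa") == 0 &&
        write_at(fd, 50, "cccc") == 0 && pread(fd, at50, 4, 50) == 4 &&
        pread(fd, in_hole, 4, 5000) == 4 && fstat(fd, &st) == 0)
        size = (long)st.st_size;
    close(fd);
    return size;
}

int main(void) {
    char a[4], h[4];
    printf("swapped call errno: %d (EINVAL is %d)\n", swapped_lseek_errno(), EINVAL);
    printf("size with correct order: %ld\n", build_holey_file(a, h));
    return 0;
}
```

Because the failed lseek leaves the file offset untouched, the question's three writes land back to back, which is why cat shows them contiguously.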