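I have been reading a great book by Jon Erickson. I wanted to compile a buffer overflow example and debug it, but the application only responds with "Abort trap" instead of writing outside the allocated space. Is this some security precaution introduced by Xcode or Mac OS? The author is using plain gcc and Debian.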
    #include <stdio.h>
    #include <string.h>

    int main(int argc, char *argv[]) {
        int value = 5;
        char buffer_one[8], buffer_two[8];

        strcpy(buffer_one, "one"); /* put "one" into buffer_one */
        strcpy(buffer_two, "two"); /* put "two" into buffer_two */

        printf("[BEFORE] buffer_two is at %p and contains \'%s\'\n", buffer_two, buffer_two);
        printf("[BEFORE] buffer_one is at %p and contains \'%s\'\n", buffer_one, buffer_one);
        printf("[BEFORE] value is at %p and is %d (0x%08x)\n", &value, value, value);

        /* strlen() returns size_t, so it is printed with %zu */
        printf("\n[STRCPY] copying %zu bytes into buffer_two\n\n", strlen(argv[1]));
        strcpy(buffer_two, argv[1]); /* copy first argument into buffer_two */

        printf("[AFTER] buffer_two is at %p and contains \'%s\'\n", buffer_two, buffer_two);
        printf("[AFTER] buffer_one is at %p and contains \'%s\'\n", buffer_one, buffer_one);
        printf("[AFTER] value is at %p and is %d (0x%08x)\n", &value, value, value);
    }
Answer 0 (score: 5)
It's overflow protection - although I'm not sure about Xcode / OS X, with gcc you can pass -fno-stack-protector, and you have to turn off ASLR
Linux: echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
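This article helped: Smashing the Stack in 2011
You should be able to find out how to disable the protections to work with this code.
I'm reading the same book - I've had to tweak/google to make some things relevant for 2011.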
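
A hardened form of the copy step in the question's program, as an added example that is not part of the original posts or the book. `bounded_copy` and `struct frame` are hypothetical names, and the struct exists only to give the three variables a fixed layout for the demonstration.

```c
#include <stdio.h>
#include <string.h>

/* The question's three variables, grouped so their layout is fixed
 * (an assumption of this example, not how the original program stores them). */
struct frame {
    char buffer_two[8];
    char buffer_one[8];
    int  value;
};

/* Hypothetical helper: copy src into dst only if it fits, terminator included.
 * Returns 0 on success, -1 on bad arguments or oversized input (dst unchanged). */
int bounded_copy(char *dst, size_t dst_size, const char *src) {
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    /* Look for the terminator within the first dst_size bytes only. */
    const char *end = memchr(src, '\0', dst_size);
    if (end == NULL)
        return -1;                       /* src needs more than dst_size bytes */
    memcpy(dst, src, (size_t)(end - src) + 1);
    return 0;
}

/* Repeats the question's copy step with the length check in place.
 * Returns 1 if buffer_one and value are unchanged afterwards, else 0;
 * *rc receives the result of the copy itself. */
int neighbours_intact_after_copy(const char *input, int *rc) {
    struct frame f;
    f.value = 5;
    strcpy(f.buffer_one, "one");
    strcpy(f.buffer_two, "two");
    *rc = bounded_copy(f.buffer_two, sizeof f.buffer_two, input);
    return strcmp(f.buffer_one, "one") == 0 && f.value == 5;
}

int main(void) {
    /* Constructed sample inputs: one that fits, one that is too long. */
    const char *samples[] = { "1234567", "1234567890" };
    for (size_t i = 0; i < 2; i++) {
        int rc;
        int ok = neighbours_intact_after_copy(samples[i], &rc);
        printf("%-12s copy=%s neighbours=%s\n", samples[i],
               rc == 0 ? "done" : "rejected", ok ? "intact" : "corrupted");
    }
    return 0;
}
```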