Re: protection against buffer overflows

To: Ralf Dreibrodt <ralf@dreibrodt.de>
Cc: debian-security@lists.debian.org
Subject: Re: protection against buffer overflows
From: Steve Johnson <steve@webninja.com>
Date: 23 Jan 2002 15:06:13 -0800
Message-id: <[🔎] 1011827174.9613.9.camel@monkey>
In-reply-to: <[🔎] 3C4F42CF.1D542F9C@dreibrodt.de>
References: <[🔎] 675596326AC6D5119F5600A024CC1851102B26@MAIL2> <[🔎] 1011775527.603.2.camel@isidor> <[🔎] 1011825803.9612.4.camel@monkey> <[🔎] 3C4F42CF.1D542F9C@dreibrodt.de>

> #include <stdio.h>
> 
> void example()
> {
>   char a[10];
>   char b[10];
>   strcpy(a, "123456789");
>   printf ("a: %s\n", a);
>   b[20]='X';
>   b[21]='Y';
>   b[22]='Z';
>   printf("a: %s\n", a);
>   return;
> }
> main()
> {
> example();
> }
Ralf,
i ran this code
very interesting results, how? i would assume that the b buffer would
sit on the stack past the a buffer as it was declared afterward, and
also i'm confused of how assigning string lits to b beyond it's
allocation would affect a?  and wouldn't a still have a term null char?
obviously this is the problem everyone speaks of, is there a logical
explanation?
thanks,
steve

Reply to:

References:
- RE: protection against buffer overflows
  - From: "Hassard, Stephen" <SHassard@angio.com>
- RE: protection against buffer overflows
  - From: Lars Bahner <lars@bahner.com>
- RE: protection against buffer overflows
  - From: Steve Johnson <steve@webninja.com>
- Re: protection against buffer overflows
  - From: Ralf Dreibrodt <ralf@dreibrodt.de>

Prev by Date: Re: protection against buffer overflows
Next by Date: Re: protection against buffer overflows
Previous by thread: Re: protection against buffer overflows
Next by thread: Re: protection against buffer overflows
Index(es):
- Date
- Thread