I've been reading an excellent book Hacking by Jon Erickson. I wanted to compile an buffer overflow example and debug it, but instead of writing outside allocated space, the application just responds with 'Abort trap'. Is this some security precaution introduced by Xcode or Mac OS? The author is using raw gcc and Debian.
#include <stdio.h>
#include <string.h>
int main(int argc, char *argv[]) {
int value = 5;
char buffer_one[8], buffer_two[8];
strcpy(buffer_one, "one"); /* put "one" into buffer_one */
strcpy(buffer_two, "two"); /* put "two" into buffer_two */
printf("[BEFORE] buffer_two is at %p and contains \'%s\'\n", buffer_two, buffer_two);
printf("[BEFORE] buffe开发者_Go百科r_one is at %p and contains \'%s\'\n", buffer_one, buffer_one);
printf("[BEFORE] value is at %p and is %d (0x%08x)\n", &value, value, value);
printf("\n[STRCPY] copying %d bytes into buffer_two\n\n", strlen(argv[1]));
strcpy(buffer_two, argv[1]); /* copy first argument into buffer_two */
printf("[AFTER] buffer_two is at %p and contains \'%s\'\n", buffer_two, buffer_two);
printf("[AFTER] buffer_one is at %p and contains \'%s\'\n", buffer_one, buffer_one);
printf("[AFTER] value is at %p and is %d (0x%08x)\n", &value, value, value);
}
This is overflow protection kicking in - although I'm not sure about XCode / OSX, with gcc you can pass -fno-stack-protector and have to turn off the ASLR
linux: sudo echo 0 > /proc/sys/kernel/randomize_va_space
This article helps Smashing the Stack in 2011
You should be able to find out how to disable the protections to play with this code.
I'm reading the same book btw - I've had to adjust / google around to make some things relevant for 2011.
精彩评论