Date:      Sun, 17 Oct 2004 17:36:02 -0500
From:      Jason Dusek <jason-dusek@uiowa.edu>
To:        questions@freebsd.org
Subject:   No Buffer Overflow
Message-ID:  <4172F3D2.8040200@uiowa.edu>

Hi Everyone,

I am reading an intro to shell-coding, and the following program is used as a 
simple example of vulnerable code:

   /* vuln.c */

   #include <string.h>   /* declares strcpy() */

   int
   main(int argc, char **argv, char **envp)
   {
     char buf[256];
     strcpy(buf, argv[1]);   /* unchecked copy: no length test on argv[1] */

     return 0;
   }

When I run this code like this:

   18 > vuln
   Segmentation fault (core dumped)

it segfaults, like the tutorial says. In the tutorial this line:

   19 > vuln `perl -e 'print "A"x256 . "BBBB" . "CCCC"'`

also segfaults, but not on my machine. Is this some FreeBSD security feature?

   20 > uname -a
   FreeBSD localhost 5.3-BETA2
   FreeBSD 5.3-BETA2 #0: Mon Sep  6 15:27:56 CDT 2004
   root@localhost:/usr/obj/usr/src/sys/CUSTOM  i386

If this doesn't cause a segfault, does it still overflow?

_jason
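
Added example, not part of the original message or of the tutorial it quotes: it makes the write past a 256-byte buffer visible by counting the bytes that land beyond it, next to a length-checked copy. Whether a process crashes depends on what the compiler placed after buf, so a missing segfault does not mean nothing was overwritten. The arena layout, the guard pattern and the function names are assumptions made for this sketch.

```c
#include <stdio.h>
#include <string.h>
#define BUF_SIZE   256   /* same size as buf in vuln.c */
#define GUARD_SIZE 256   /* stands in for whatever follows buf in memory */
#define GUARD_BYTE 0xA5  /* fill pattern, constructed for this example */

/* Buffer and guard live in one object, so the spill past BUF_SIZE is
 * observable without undefined behaviour. */
static unsigned char arena[BUF_SIZE + GUARD_SIZE];

static void arena_reset(void)
{
    memset(arena, 0, BUF_SIZE);
    memset(arena + BUF_SIZE, GUARD_BYTE, GUARD_SIZE);
}

/* Same unchecked strcpy as vuln.c; returns how many guard bytes changed. */
size_t unchecked_copy(const char *src)
{
    size_t i, n = 0;
    arena_reset();
    strcpy((char *)arena, src);   /* caller keeps src shorter than the arena */
    for (i = 0; i < GUARD_SIZE; i++)
        n += (arena[BUF_SIZE + i] != GUARD_BYTE);
    return n;
}

/* Hardened form: reject input that does not fit, terminator included. */
int checked_copy(const char *src)
{
    arena_reset();
    if (src == NULL || strlen(src) >= BUF_SIZE) return -1;
    memcpy(arena, src, strlen(src) + 1);
    return 0;
}

/* Constructed input from the message: 256 'A', then "BBBB" and "CCCC". */
void make_input(char out[265])
{
    memset(out, 'A', 256);
    memcpy(out + 256, "BBBBCCCC", 9);
}

int main(void)
{
    char in[265];
    make_input(in);
    printf("past buf: %zu, checked: %d\n", unchecked_copy(in), checked_copy(in));
    return 0;
}
```

The 264-character argument spills nine bytes (eight characters plus the terminating NUL) past the buffer, and the checked copy refuses it.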


