Vulnerability Development mailing list archives
understanding buffer overflows
From: secacc7 () hotmail com
Date: 31 Oct 2007 14:36:22 -0000
Hello, my name is Michael, I'm from Austria, so my English is very bad. A few days ago I began to experiment with buffer overflows in Linux. I wrote a little C++ program like this:

    #include <string.h>

    int main(void)
    {
        char buffer[10];
        /* The source string is deliberately longer than buffer[] so that
           strcpy() writes past its end (this is the overflow being tested). */
        char COPY[] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...";

        strcpy(buffer, COPY);
        return 0;
    }

OK, this works very well: I got a core dump and started gdb. But in the output from "info all" EIP was not overwritten, so I put a few lines in the program to output the addresses of functions and variables. Addresses of functions were over 0 (e.g. (dec) 500000) and addresses of vars under 0 (e.g. -5000000). I think this is maybe the problem, but why?

Output from gdb:

    eax     0x0          0
    ecx     0x41414141   1094795585
    edx     0x1d7        471
    ebx     0xb7e27ff4   -1209892876
    esp     0x4141413d   0x4141413d
    ebp     0x41414141   0x41414141
    esi     0xb7f77ce0   -1208517408
    edi     0x0          0
    eip     0x80484ad    0x80484ad
    eflags  0x210286     [ PF SF IF RF ID ]
    cs      0x73         115
    ss      0x7b         123
    ds      0x7b         123
    es      0x7b         123
    fs      0x0          0
    gs      0x33         51

Hope anybody can help me understand/learn.

Greets from Austria,
Michael
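The program in the post crashes because strcpy() takes no length and copies until it finds a NUL, however far past the 10-byte buffer that is. As an added example (not code from Michael's post), here is the same copy with the destination size checked first, so an input that would not fit is refused instead of overwriting the saved frame; bounded_copy() and try_copy_like_the_post() are hypothetical names chosen for this illustration, and the 38-byte run of 'A' is a constructed input mirroring the post.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the post): copy src into dst only if it
 * fits, terminating NUL included. On overflow it stores an empty string
 * and returns -1, so the caller can detect and reject the input rather
 * than silently corrupting whatever lies above the buffer on the stack. */
int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    const char *nul;
    size_t needed;

    if (dst == NULL || dst_size == 0 || src == NULL)
        return -1;

    /* Look for the terminator within the first dst_size bytes only, so
     * an unterminated or over-long source is never scanned past that. */
    nul = memchr(src, '\0', dst_size);
    if (nul == NULL) {
        dst[0] = '\0';                 /* fail closed: dst stays valid */
        return -1;
    }
    needed = (size_t)(nul - src) + 1;  /* string length plus the NUL */
    memcpy(dst, src, needed);
    return 0;
}

/* Same shape as the post's program: a 10-byte stack buffer. Returns the
 * result of the guarded copy instead of overflowing. */
int try_copy_like_the_post(const char *input)
{
    char buffer[10];
    return bounded_copy(buffer, sizeof buffer, input);
}

int main(void)
{
    /* Constructed input: 38 'A's, as in the post, which cannot fit. */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
    int rc = try_copy_like_the_post(too_long);

    printf("copy %s\n", rc == 0 ? "succeeded" : "rejected (would overflow)");
    return rc == 0 ? 0 : 1;
}
```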