Vulnerability Development mailing list archives

Re: argc issue


From: jlongs2 () uic edu
Date: Thu, 25 May 2006 15:28:00 -0500 (CDT)


On Tue, 23 May 2006, padre () correo ugr es wrote:

#include <stdlib.h>
#include <string.h>

int main (int argc, char **argv)
{
char *a;
char *b;

a=(char *)malloc(100);
b=(char *)malloc(100);

/* strcpy is only reached when argc == 0 */
if (argc)
   exit (-1);
else {
     strcpy(a,argv[1]);
     }

free (a);

return 0;
}

You're going to have to execve(2) that program from another program, in order to control its argv/argc.

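printargc.c:
#include <stdio.h>

int main(int argc, char **argv)
{
    printf("%d\n",argc);
    return 0;
}

execargc.c:
#include <unistd.h>

int main()
{
    char *av = 0;                  /* argv holding only the terminating NULL */
    execve("./printargc",&av,0);   /* child is started with argc == 0 */
    return 1;                      /* reached only if execve fails */
}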

$ ./printargc
1
$ ./execargc
0

This doesn't leave you much of anywhere though, because you can't fill that buffer...
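
Added example, not part of the original post: a defensive version of the copy in the quoted program, which treats argc == 0 (the empty argv that execargc.c passes) as "no argument" and bounds the copy. The helper name copy_first_arg and its return codes are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Copy argv[1] into dst only if it exists and fits, terminator included.
 * Returns 0 on success, -1 if the argument is absent, -2 if it is too long. */
int copy_first_arg(int argc, char **argv, char *dst, size_t dstlen)
{
    size_t n = 0;

    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';

    /* argc can be 0 when the parent passes an empty argv to execve(2):
     * argv[0] is then NULL and argv[1] lies outside the argument vector,
     * so it must not be read at all. */
    if (argc < 2 || argv == NULL || argv[0] == NULL || argv[1] == NULL)
        return -1;

    /* Measure at most dstlen bytes so an oversized argument is rejected
     * instead of being copied past the end of dst. */
    while (n < dstlen && argv[1][n] != '\0')
        n++;
    if (n >= dstlen)
        return -2;

    memcpy(dst, argv[1], n + 1);
    return 0;
}

int main(int argc, char **argv)
{
    char buf[100];   /* same size as the heap buffer in the quoted program */

    if (copy_first_arg(argc, argv, buf, sizeof buf) != 0) {
        fprintf(stderr, "usage: prog <arg> (shorter than %zu bytes)\n",
                sizeof buf);
        return 1;
    }
    printf("%s\n", buf);
    return 0;
}
```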

