Here is the buggy C code:
Code:
#include <stdio.h>
#include <stdlib.h>
#define MAX 8
int main(void) {
    char namebuf[MAX];
    printf("Enter your name: ");
    fgets(namebuf,5,stdin);
    printf(namebuf);   /* user input is used as the format string */
    return 0;
}
$gdb over
GNU gdb 6.1
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i586-suse-linux"...Using host libthread_db library "/lib/tls/libthread_db.so.1".
(gdb) run
Starting program: /home/cdalten/over
Enter your name: %s
Program received signal SIGSEGV, Segmentation fault.
0x400913cb in strlen () from /lib/tls/libc.so.6
(gdb) bt
#0 0x400913cb in strlen () from /lib/tls/libc.so.6
#1 0x40066c76 in vfprintf () from /lib/tls/libc.so.6
#2 0x4006c310 in printf () from /lib/tls/libc.so.6
#3 0x0804842f in main () at over.c:12
(gdb) q
The program is running. Exit anyway? (y or n) y
I know the bug is in this line
It has something to do with the fact that printf() has been passed an unchecked string. But that is about it. Would someone care to enlighten me on what is going on?
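
What the backtrace above shows, as an added example that is not part of the original post: `printf(namebuf)` uses the input as the format string, so typing `%s` makes `printf()` fetch a `char *` argument that was never passed and hand that garbage pointer to `strlen()`. The helper names `count_conversions` and `format_name` are hypothetical; the corrected call passes the input as data to a constant `"%s"` format.

```c
#include <stdio.h>
#include <string.h>

#define MAX 8

/* Count the '%' conversions printf() would act on if `s` were the format
 * string. "%%" is a literal percent sign and consumes no argument, so it
 * is skipped. Simplified: flags, widths and lengths are not parsed, and a
 * lone trailing '%' is counted because it is an invalid specification. */
static int count_conversions(const char *s)
{
    int n = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* escaped percent: skip both characters */
            s++;
            continue;
        }
        n++;                 /* printf() would fetch an argument here */
    }
    return n;
}

/* Hardened form: the format is a constant and the input is only data, so
 * any '%' in `name` is copied as plain text. Returns snprintf()'s result. */
static int format_name(char *out, size_t outlen, const char *name)
{
    return snprintf(out, outlen, "%s", name);
}

int main(void)
{
    char namebuf[MAX];
    char out[MAX];

    printf("Enter your name: ");
    if (fgets(namebuf, sizeof namebuf, stdin) == NULL)
        return 1;
    namebuf[strcspn(namebuf, "\n")] = '\0';   /* drop the newline */

    /* printf(namebuf) would need this many arguments; it was given none. */
    printf("conversions in input: %d\n", count_conversions(namebuf));
    format_name(out, sizeof out, namebuf);
    puts(out);               /* prints the input verbatim, '%' included */
    return 0;
}
```

Building with `gcc -Wall -Wformat-security` flags the original `printf(namebuf);` call at compile time.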