Thread: Buffer Overflow - Stopping this

  1. #1
    Redundantly Redundant RoD's Avatar
    Join Date
    Sep 2002
    Location
    Missouri
    Posts
    6,331

    Buffer Overflow - Stopping this

    Ok, below is a program we wrote in CS class. I found that by entering too many numbers, in this case 32 9's (bored), I caused a buffer overflow. Now in the sense of making BO's and DOS attacks and such I know that, but how can I adjust my program to allow that many numbers before the thing overflows? Is it my variable types?

    Code:
    /*	Steven Billington
    	SumNum.cpp
    	September 23, 2002
    */
    
    #include <iostream.h>
    #include <iomanip.h>
    
    const int MAIN_CONST = 5;
    
    int main ()
    
    {
    
    	int givenvalu,j,sum=0;
    
    	for (j=1; j <=MAIN_CONST; ++j)
    		{
    			cout <<"Please enter a number and press <enter>: ";
    
    			cin >>givenvalu;
    
    			sum += givenvalu;
    		}
    
    	cout <<endl;
    
    	cout <<"The sum of the given numbers is "<<sum<<endl;
    
    	cout <<endl;
    
    	cout <<"Goodbye!"<<endl;
    
    	return 0;
    
    }

  2. #2
    pronounced 'fib' FillYourBrain's Avatar
    Join Date
    Aug 2002
    Posts
    2,297
    Well, I'm not sure where your buffer overflow happens exactly, but it would seem that you were entering 32 9s as in a HUGE number? In that case cin.operator>>(int &) probably uses an internal string to do an atoi() call with. I assume the buffer overflow is in there. If that's true then the limitation is with cin and you'll have to come up with a workaround like getting it as a string instead (larger string) and figuring out the number yourself. But I wouldn't bother for some silly little homework assignment though.
    "You are stupid! You are stupid! Oh, and don't forget, you are STUPID!" - Dexter

  3. #3
    Redundantly Redundant RoD's Avatar
    Join Date
    Sep 2002
    Location
    Missouri
    Posts
    6,331
    Nah, I wouldn't bother myself. I thought maybe it was the variable type needing to be declared bigger or something. Here's what was happening:

    Enter a Number and press enter: 1
    Enter a Number and press enter: 2
    Enter a Number and press enter: 3
    Enter a Number and press enter: 4
    Enter a Number and press enter: 99999999999999999999999999999999 (I didn't count 'em out but you get the idea)

    *hits enter*

    The 9's cause it to crash, because (apparently) it can't store all that data (?)....

  4. #4
    Registered User
    Join Date
    Aug 2002
    Posts
    170
    An int maxes at 65535.
    Unsigned you can double that to 131071.

    is it any wonder that 9999999999999999999999999999999999999999999 would be too big?
    Best Regards,

    Bonkey

  5. #5
    pronounced 'fib' FillYourBrain's Avatar
    Join Date
    Aug 2002
    Posts
    2,297
    Ya, but all cin input comes in as a string and then is translated to the appropriate data type. I would suspect it writes over a char buffer that was made a certain size based on the max that an int can have, as bonkey said. It really should have been implemented with a check though. Oh well.

  6. #6
    S Sang-drax's Avatar
    Join Date
    May 2002
    Location
    Göteborg, Sweden
    Posts
    2,072
    Originally posted by bonkey
    is it any wonder that 9999999999999999999999999999999999999999999 would be too big?
    The problem was a buffer overflow not an integer overflow.
    Last edited by Sang-drax : Tomorrow at 02:21 AM. Reason: Time travelling

  7. #7
    Registered User
    Join Date
    Aug 2002
    Posts
    170
    Well, we all know that cin can read strings that are that long or longer. I would be willing to bet that the error is happening in the conversion between the string and the int.

    Who knows how that is done under the covers? Perhaps it creates an array of bits and copies the bits over 1 at a time. Since the value is too big to fit in the int, it overruns the array. I don't know this, I will have to dig into the code.

    But this could result in a buffer overflow, just as I said. You could do a cin to a CString and see if you get the same problem, I bet you don't see it then.
    Best Regards,

    Bonkey

  8. #8
    ¡Amo fútbol!
    Join Date
    Dec 2001
    Posts
    2,138
    You could use cin.getline to restrict the number of chars it would read in. From here, you can use atoi to convert your char buffer into an int.
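
An added example, not code from any poster in this thread: the approach suggested in posts #2 and #8 (read a length-limited line, then convert it yourself), with `strtol` swapped in for `atoi` so that bad or out-of-range input is reported, plus an overflow check on the running sum. The function names, the status enum and the 16-byte buffer are assumptions.

```cpp
// Added example, not code from the thread; names and the 16-byte buffer are assumptions.
#include <cerrno>
#include <climits>
#include <cstdlib>
#include <iostream>
#include <limits>
#include <sstream>
enum ReadStatus { READ_OK, READ_TOO_LONG, READ_NOT_A_NUMBER, READ_OUT_OF_RANGE, READ_EOF };

ReadStatus read_int(std::istream& in, int& out) {
    char buf[16];                        // fits any 32-bit int with sign and '\0'
    in.getline(buf, sizeof buf);         // stores at most 15 characters
    if (in.gcount() == 0 && in.eof()) return READ_EOF;
    if (in.fail()) {                     // line did not fit: discard the rest of it
        in.clear();
        in.ignore(std::numeric_limits<std::streamsize>::max(), '\n');
        return READ_TOO_LONG;
    }
    char* end = 0; errno = 0;
    long value = std::strtol(buf, &end, 10);   // unlike atoi, reports failures
    if (end == buf || *end != '\0') return READ_NOT_A_NUMBER;
    if (errno == ERANGE || value < INT_MIN || value > INT_MAX) return READ_OUT_OF_RANGE;
    out = static_cast<int>(value);
    return READ_OK;
}

bool checked_add(int a, int b, int& result) {  // false if a + b would not fit in int
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) return false;
    result = a + b;
    return true;
}

bool sum_numbers(std::istream& in, int count, int& sum, int& rejected) {  // skips bad lines
    sum = rejected = 0;
    for (int value = 0; count > 0; ) {
        ReadStatus st = read_int(in, value);
        if (st == READ_EOF) return false;
        if (st != READ_OK) { ++rejected; continue; }
        if (!checked_add(sum, value, sum)) return false;
        --count;
    }
    return true;
}

int main() {  // constructed input: the session from the thread plus a valid fifth number
    std::istringstream in("1\n2\n3\n4\n99999999999999999999999999999999\n5\n");
    int sum = 0, rejected = 0;
    bool ok = sum_numbers(in, 5, sum, rejected);
    std::cout << (ok ? "sum=" : "incomplete, sum=") << sum << " rejected=" << rejected << '\n';
}
```

In the original program the same functions would be called with `std::cin` and `MAIN_CONST` in place of the constructed stream and the literal 5.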

  9. #9
    Redundantly Redundant RoD's Avatar
    Join Date
    Sep 2002
    Location
    Missouri
    Posts
    6,331
    Hmm, I'll worry when I get this in a real-life important program; this one was a class thing I was dicking around with. Thanks, guys.

  10. #10
    Guest Sebastiani's Avatar
    Join Date
    Aug 2001
    Location
    Waterloo, Texas
    Posts
    5,708
    FYI: integer "overflow" will NEVER cause a crash. The number just quietly rolls over...try:

    int num = 428;

    for(int i = 0; i < 100000; i++)
        num *= num;

    The problem IS cin's internal buffer. Using cin.getline() will nix this problem, as said earlier...
    Code:
    #include <cmath>
    #include <complex>
    bool euler_flip(bool value)
    {
        return std::pow
        (
            std::complex<float>(std::exp(1.0)), 
            std::complex<float>(0, 1) 
            * std::complex<float>(std::atan(1.0)
            *(1 << (value + 2)))
        ).real() < 0;
    }
