I didn't say that I thought segmentation faults are fine. I just said that I can find and fix them without harming my system.Originally Posted by Elysia
I didn't say that I thought segmentation faults are fine. I just said that I can find and fix them without harming my system.
Like I said, what happens if you share your code and it crashes on someone else's system?
What happens if you're running your program in the background and some hacker comes and causes a buffer overrun? What if the hacker takes over your system?
A buffer overrun may or may not result in a segmentation fault. Furthermore, it can completely screw up your program. It could even delete files you wouldn't want off your hard drive. Would you like that?
By the time the overrun occurs, it's too late to fix it. The damage is done.
What can go wrong
Look my code runs just fineCode:#include <stdio.h> int main(int argc, char *argv[]) { char name[6]; char folder[] = "/home/dylan/old_folder"; printf("Enter your name : "); gets(name); printf("Your Name Is %s\n",name); printf("Im going to delete folder %s\n",folder); return 0; }
Yeah must be goodCode:./bad_code Enter your name : Dylan Your Name Is Dylan Im going to delete folder /home/dylan/old_folder
Where is my folder??Code:./bad_code Enter your name : Dylan /home/dylan/keep_me Your Name Is Dylan /home/dylan/keep_me Im going to delete folder /home/dylan/keep_me
I regret not having a code injection sample to show you. But just google buffer overrun to see some. It shouldn't be hard.
Your code is a ticking time bomb, but your usage didn't cause a buffer overrun.
It's not?Your code is a ticking time bomb, but your usage didn't cause a buffer overrun.
So when I put "Dylan /home/dylan/keep_me" into name[6] and the "/home/dylan/keep_me" ends up outside of name[0]-name[5].
Is there another name for this then??
Dylan
dylan's example does look like an example of a buffer overrun to me, though of course whether it demonstrates it in precisely the way shown is implementation dependent.
Look up a C++ Reference and learn How To Ask Questions The Smart Way
And where do you copy that into name?
Here:
Code:gets(name);
Look up a C++ Reference and learn How To Ask Questions The Smart Way
Ah, right, confusing Linux syntax + the hard coded string literal.
Of course, the second example is a buffer overrun. I don't know if I only considered the first which isn't.
WHAT??? "Confusing Linux syntax"??? Yeah....OK...Ah, right, confusing Linux syntax + the hard coded string literal.
Yes, Linux all about confuzzling.
Actually, the only thing Linux about the examples is the directory separator, and even that is not Linux specific.
I think dylan's first example was just to demonstrate the expected result, kind of like what nonoob was talking about things working for a newbie.
Look up a C++ Reference and learn How To Ask Questions The Smart Way
Yeah, I got that much. I was too lazy to properly slam dylan, so feel free.
I'm just too tired to rant about security and how that example is so broken in so many ways.
And how these silly newbies just pop up and think they're right.
Hmmm???
The code I posted was a joke, the first time I ran it it ran fine (Only because I used < 5 chars).
But my point was just because people's code runs it might not be correct, the second time I ran it, I used more text in the question to demonstrate what can happen.
My post was the show that code can work but is BAD!!!
I'm not trying to say I'm right. When you told me my code was not a buffer overflow, I believed you but could not figure out why.
Dylan
Yeah, I missed it at the first time. Still, this applies to nonoob, then.
You should have made it clearer what you meant to say...
