Here's the deal I'm not getting a segmentation fault when I'm suppose to.
Code:
#include <stdio.h>
int call_me(void)
{
char buffer[10];
scanf("%s", buffer);
printf("%s\n", buffer);
return 0;
}
int main(void)
{
call_me();
return 0;
}
Memory is accessed in words (4 bytes or 32 bits) so buffer[10] is really 12 bytes. Ok, so anything over 12 should overflow it and give a segmentation fault, correct? Well, this is not the case....
Code:
[nouse@localhost nouse]$ gcc -o vuln vuln.c
[nouse@localhost nouse]$ ./vuln
AAAABBBBCCCCDDDD
AAAABBBBCCCCDDDD
[nouse@localhost nouse]$ ./vuln
AAAABBBBCCCCDDDDEEEE
AAAABBBBCCCCDDDDEEEE
[nouse@localhost nouse]$ ./vuln
AAAABBBBCCCCDDDDEEEEFFFF
AAAABBBBCCCCDDDDEEEEFFFF
Segmentation fault
[nouse@localhost nouse]$
So the first attempt I use 16 bytes which should overflow the buffer (12 bytes) and sfp (saved frame pointer (4 bytes)) there after. Doesn't do it. Next, I use 20 bytes, which should overflow the buffer, spf, and ret (saved ip (4 bytes)). Finally, after 24 bytes I get a seg fault. 24 bytes to overflow a 12 byte buffer? What's going on?
Also, gdb isn't working with me either. I try to check my registers to see what's going on but it says there arn't any.
Code:
[nouse@localhost nouse]$ gdb vuln
GNU gdb 5.3-22mdk (Mandrake Linux)
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i586-mandrake-linux-gnu"...
(gdb) info registers
The program has no registers now.
(gdb)
I must be missing something? Thanks for any help.