Buffer Overflow Attack with Int

Time:05-10

char c[10];
int value = 1;

Why does the value only change to 0 once I enter 12 chars? Why 12 and not 10 or 11? (I know about the terminator and how it gets pushed into the next memory location.)

CodePudding user response:

Objects of a given type are typically placed at memory locations that are a multiple of the object size, i.e. the object is aligned to a boundary matching its size.

An int is typically 4 bytes in size. If c is placed before value in memory, and if c starts at a 4-byte-aligned offset, then there will be two bytes of padding between them. This would explain why value doesn't get overwritten unless more than 12 bytes are written to c.

Note also that this is all undefined behavior as far as the C standard is concerned; however, for the purpose of exploiting vulnerabilities it can be useful to examine what specific implementations do under certain conditions.
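The layout the answer describes can be made observable without relying on where a particular compiler happens to place two separate globals. The following is an added example, not code from the question or the answer: it puts the 10-byte buffer and the int into a struct (an assumption, so that offsetof() exposes the padding), simulates the overrun through a byte image of the struct instead of actually running off the end of an array (so the program itself has no undefined behavior), and contrasts it with a bounded write that can never reach value. The expected numbers assume a 4-byte int with 4-byte alignment and a little-endian CPU; on a big-endian machine the terminator would land on the most significant byte and value would still read as 1 at 12 characters.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout mirroring the question's two variables: a 10-byte
 * buffer immediately followed by an int. With 4-byte int alignment the
 * compiler inserts 2 bytes of padding, so value starts at offset 12. */
struct layout {
    char c[10];
    int value;
};

/* Number of padding bytes between the end of c and the start of value. */
size_t padding_before_value(void)
{
    return offsetof(struct layout, value) - sizeof ((struct layout *)0)->c;
}

/* Simulate an unchecked read of n characters (plus the terminating NUL)
 * into c. The struct is copied into a byte image of the same size, the
 * image is overwritten, and the image is copied back, so the program never
 * writes past any real array but ends up with exactly the bytes an
 * overflowing gets()/scanf("%s") would have left behind.
 * Assumes little-endian byte order: value == 1 is stored as 01 00 00 00. */
int value_after_overrun(size_t n)
{
    struct layout l;
    unsigned char image[sizeof l];

    memset(&l, 0, sizeof l);
    l.value = 1;
    memcpy(image, &l, sizeof l);

    if (n + 1 > sizeof image)        /* keep the simulation inside the image */
        n = sizeof image - 1;
    memset(image, 'A', n);            /* the n input characters ... */
    image[n] = '\0';                  /* ... followed by the terminator */

    memcpy(&l, image, sizeof l);
    return l.value;
}

/* The bounded alternative: snprintf() truncates to sizeof c, so no input
 * length can disturb value. */
int value_after_bounded_write(size_t n)
{
    struct layout l;
    char input[64];

    memset(&l, 0, sizeof l);
    l.value = 1;

    if (n > sizeof input - 1)
        n = sizeof input - 1;
    memset(input, 'A', n);            /* constructed input of n characters */
    input[n] = '\0';

    snprintf(l.c, sizeof l.c, "%s", input);
    return l.value;
}

int main(void)
{
    size_t n;

    printf("sizeof(struct layout) = %zu, offsetof(value) = %zu, padding = %zu\n",
           sizeof(struct layout), offsetof(struct layout, value),
           padding_before_value());

    /* Walk the input length past the buffer and watch when value changes. */
    for (n = 9; n <= 13; n++)
        printf("%2zu chars: overrun -> value = %d, bounded -> value = %d\n",
               n, value_after_overrun(n), value_after_bounded_write(n));
    return 0;
}
```

Running it shows value staying at 1 through 11 characters (the terminator lands in the padding), dropping to 0 at 12 (the terminator zeroes the low byte of value), and becoming 65, the code for 'A', at 13; the bounded column never moves. The same offsetof() check is a cheap way to confirm what a given compiler and target actually did with padding before reasoning about an overflow from the source alone.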
