Finding a Stack Buffer Overflow

One of the dangers of C-style arrays is that their length is not attached to the pointer to their first element. This means there are many unsafe library functions that may write beyond the allocated space.

One such example is the sprintf function:

int sprintf(char *str, const char *format, ...);

It takes only a bare pointer to the buffer and a format string, plus the values to format. If the buffer that str points to is not large enough, sprintf has no way of knowing this and simply writes past its end.
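The difference in practice, as an added example that is not from the original article: the sprintf call has no length to check against, while snprintf is given the size and reports how long the output would have been, so the caller can refuse a truncated result instead of overflowing. The buffer size, the function names and the "user=%s" format are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16  /* assumed size of the fixed stack buffer */

/* Unsafe form (assumed helper): sprintf does not know how big `out` is.
 * With a long `name` it writes past the end of the array, which is
 * undefined behaviour and the classic stack buffer overflow. */
int format_unsafe(char *out, const char *name) {
    return sprintf(out, "user=%s", name);
}

/* Hardened form: snprintf writes at most `size` bytes including the NUL
 * and returns the length the full output would have had. Treating a
 * return value >= size as an error turns a silent overflow into a
 * detectable truncation. */
int format_safe(char *out, size_t size, const char *name) {
    int needed = snprintf(out, size, "user=%s", name);
    if (needed < 0 || (size_t)needed >= size) {
        return -1;  /* output did not fit: refuse rather than overflow */
    }
    return needed;
}

/* Pre-check for the unsafe form: does "user=" + name + NUL exceed size? */
int would_overflow(size_t size, const char *name) {
    return strlen("user=") + strlen(name) + 1 > size;
}

int main(void) {
    char buf[BUF_SIZE];
    const char *long_name = "averyveryveryverylongname";  /* constructed */

    printf("safe short:  %d\n", format_safe(buf, sizeof buf, "bob"));
    printf("safe long:   %d\n", format_safe(buf, sizeof buf, long_name));
    printf("would overflow: %d\n", would_overflow(sizeof buf, long_name));
    /* format_unsafe(buf, long_name) would overflow `buf` here. */
    return 0;
}
```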

Segmentation Fault before Main

There is a great article about the learning curve of C++ stating that there are two types of people who claim to know C++: the first type has knowledge of C and a superficial knowledge of C++'s classes, and considers themselves an expert in C++ because there is nothing more to it; the second type has gone through the valley of frustrations and knows most of the quirks of the language.

I looked at the points on the curve and checked whether I knew what they were about. I got stuck at the "static object initialization segfaults". So far I have tried very hard not to use global variables in my code, so I have not experienced something like this first hand. Since I wanted to know how to do this, I just tried it out.

