forTheRoad

Reputation: 61

Overwriting local variables located below the buffer using buffer overflow

I am doing some basic research on stack overflow and have some trouble understanding how to overwrite/modify a local variable that is located below the buffer in memory.

Consider the following piece of pseudo C code

char buff[20];
int pass = 0;
/* ... */
gets(buff);   /* no length limit on the input */
/* check if buff equals something; if true, set pass = 1 */
/* if pass == 1, grant access */

Now, from what I gather the variables declared are ordered inversely on the stack. That is, buff is located above pass in the stack. When gets copies something into buff, the buffer grows towards high address space - towards the return address and away from the pass variable. It doesn't matter what input I type - I simply cannot overwrite pass since it is on the 'wrong' side of the buffer?

Upvotes: 1

Views: 794

Answers (1)

klutt

Reputation: 31389

You get no guarantees about the location of the variables on the stack. The compiler may rearrange them. And it does not matter if pass happens to be located right after buff[19]. Trying to access buff[20] is still undefined behavior. And undefined behavior is undefined, so anything may happen.

However, if you declare a struct it is a bit different. Let's take this simple example:

struct foobar {
    int foo;
    char bar;
    struct foobar *next;
};

Here you have guarantees that foo, bar and next will be in the order you have specified.

Upvotes: 2
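The two points above, shown together in an added example that is not code from either poster: the struct's member order can be verified with offsetof (the standard guarantees declaration order, though padding may sit between members), while the question's pattern is written with a bounded read so that input longer than the buffer is truncated instead of written past buff[19]. The function names and the password value "secret" are constructed for this example and do not come from the page.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The struct from the answer. */
struct foobar {
    int foo;
    char bar;
    struct foobar *next;
};

/* Returns 1 if the members of struct foobar sit in declaration order.
 * The C standard guarantees this for struct members: later members have
 * strictly larger offsets. Padding may be inserted, but never reorders.
 * No such guarantee exists for the local variables buff and pass below. */
int struct_order_is_declared_order(void)
{
    return offsetof(struct foobar, foo) < offsetof(struct foobar, bar)
        && offsetof(struct foobar, bar) < offsetof(struct foobar, next);
}

/* Hardened form of the question's snippet. gets() has no length limit and
 * was removed from the language in C11; here the copy into buff is bounded
 * to sizeof buff - 1 characters plus the terminator, which is the same
 * behaviour fgets(buff, sizeof buff, stdin) gives on a line without '\n'.
 * EXPECTED is a constructed example password, not a value from the page. */
#define BUFF_LEN 20
static const char EXPECTED[] = "secret";

int check_password(const char *line)
{
    char buff[BUFF_LEN];
    int pass = 0;

    /* Bounded copy: a 100-character line leaves buff holding its first
     * 19 characters and a NUL; nothing beyond buff[19] is written. */
    snprintf(buff, sizeof buff, "%s", line);

    if (strcmp(buff, EXPECTED) == 0)
        pass = 1;

    return pass;   /* 1 grants access, 0 denies it */
}

int main(void)
{
    char line[256];

    printf("struct members in declared order: %d\n",
           struct_order_is_declared_order());

    /* fgets() is the bounded replacement for gets(); strip the newline. */
    if (fgets(line, sizeof line, stdin) == NULL)
        return 1;
    line[strcspn(line, "\n")] = '\0';

    printf("access %s\n", check_password(line) ? "granted" : "denied");
    return 0;
}
```

Compile with any C99 or later compiler; an input longer than 19 characters is simply truncated and denied, whereas the original gets() call would have written past the end of buff with the undefined results the answer describes.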
