I am on CentOS 6.4 32 bit and am trying to cause a buffer overflow in a program. Within GDB it works. Here is the output: [root@localhost bufferoverflow]# gdb stack GNU gdb (GDB) Red Hat Enterpris...

i, and a few thousand other people, are getting an error being thrown by the Microsoft Visual C++ Runtime: Which for the benefit of search engines, says: Microsoft Visual C++ Runtime Library ...

void function(int a, int b, int c) { char buffer1[5]; char buffer2[10]; int *ret; ret = buffer1 + 12; (*ret) += 8;//why is it 8?? } void main() { int x; x = 0; function(1,2,3); x = 1; ...

I use this code: while ( scanf("%s", buf) == 1 ){ What would be the best way to prevent possible buffer overflow so that it can be passed strings of random lengths? I know I can limit th...

Edit: I've added the source for the example. I came across this example: char source[MAX] = "123456789"; char source1[MAX] = "123456789"; char destination[MAX] = "abcdefg"; char destination1[MAX]...

What is the difference between a stack overflow and a buffer overflow in programming?

I encountered this question while writing a program that requires the sprintf function. In some cases, using the sprintf function can lead to memory overflow and pose a security risk. So, you can u...

I am at the very beginning of learning C. I am trying to write a function to open a file, read a BUFFER_SIZE, store the content in an array, then track the character '\n' (because I want to get ea...

When I try to compile C code that uses the gets() function with GCC, I get this warning: (.text+0x34): warning: the `gets' function is dangerous and should not be used. I remember this has so...

I know languages like c# aren't vulnerable to buffer overflows unless you marshal or use unsafe code. But is go vulnerable for buffer overflows?

I have a buffer, I am doing lot of strncat. I want to make sure I never overflow the buffer size. char buff[64]; strcpy(buff, "String 1"); strncat(buff, "String 2", sizeof(buff)); strncat(buff,...

Android application crashing often, Following are the logs from logcat. com.google.android.apps.gsa.shared.speech.a.g: Error reading from input stream at com.google.android.apps.gsa.staticplu...

Short Story I am writing a simple program in Assembly to simulate buffer overflow. The buffer is simply memory allocation from 512 bytes stack and then read() syscall is called with 4096 bytes from...

I'm currently reading (for the second time) "Hacking : The Art of Exploitation" and have stumbled on something. The book suggests two different ways to exploit these two similar programs : auth_ov...

I want to exploit a stack based buffer overflow for education purposes. There is a typical function called with a parameter from main, which is given as input from the program a local buffer where...

What set of GCC options provide the best protection against memory corruption vulnerabilities such as Buffer Overflows, and Dangling Pointers? Does GCC provide any type of ROP chain mitigation? Are...

I'm practicing some buffer-overflow techniques and I came across an odd issue with sending socked data. I have this two almost identical codes, except the fact that in Python3 code, I changed the ...

I made a c vulnerable C code and tried to exploit it but it doesn't seem to work even though I copied other examples. I apologize if I included lot of code. #include <stdio.h> #include <s...

I am completing a homework assignment (I can't post the code because of this), and I get this runtime error very infrequently: * stack smashing detected *: terminated Aborted (core dumped) When I...

I was solving a question on Leetcode (Trapping rain water) and I wrote my solution which had been tested on my local machine as well as on GeeksForGeeks where it passed all TC's. the code is:...

I wanted to know how the following error message should be read. In particular: (1) what do things such as fa (heap left redzone) and fd (freed heap region) mean? (2) What is the significance o...

I apologize in advance for the useless title of this question, but nothing seemed to fit better. The idea here is to replicate argv in another variable, essentially making a copy of it. So the bas...

I've written a piece of C code and I've disassembled it as well as read the registers to understand how the program works in assembly. int test(char *this){ char sum_buf[6]; strncpy(sum_buf,this...

I started studying software security, and I'm having trouble getting what buffer overflow attack and ROP attack are. From what I understand is, Buffer overflow attack: When a buffer has a cer...

I have heard about a buffer overflow and I would like to know how to cause one. Can someone show me a small buffer overflow example? New(And what they are used for?)