Simple Buffer Overflow Example

Published: 2017-05-16 13:11:48 +0000
Categories: C,

Language

C

Description

This is here primarily as a useful place to point to as an example

We're deliberately allowing the character buffer mybuff to overflow. When called from bash, anything after the 5th input character will end up being executed as a BASH command

Snippet

#include <stdio.h>
#include <unistd.h>

#define BUFLEN 5

void
readMyData()
{
  char mybuff[BUFLEN];
  while (1) {
    int r = read(0, mybuff, BUFLEN);
    if (r <= 0) return;
    mybuff[r] = 0;
    printf("You entered: %s\n", mybuff);
    return;
  }
}

void
main (){

    readMyData();

}

Usage Example

gcc example.c -o overflow
./overflow

1234 whoami

Keywords

Buffer, overflow, security, example, charbuffer,

Latest Posts

Reducing overhead of large S3 file syncs with s3cmd (Misc)
Re-using SSH connections with controlmaster (Misc)
Check Which Region and Service an AWS IP is used for (Misc)
Get monthly power use and cost (Flux)
Rewrite all target _blank links to use rel noopener (Javascript)
Run javascript on document ready (Javascript)
Detect Tor2Web client side (Javascript)
Divide field value by n (Flux)
Listing current switch interface status with Flux (Flux)
Running ps inside a Debian Docker Container (Misc)
Copyright © 2022 Ben Tasker | Sitemap | Privacy Policy
Available at snippets.bentasker.co.uk, http://phecoopwm6x7azx26ctuqcp6673bbqkrqfeoiz2wwk36sady5tqbdpqd.onion and http://snippets.bentasker.i2p
hit counter