Simple Buffer Overflow Example



Published: 2017-05-16 13:11:48 +0000
Categories: C,

Language

C

Description

This is here primarily as a useful place to point to as an example

We're deliberately allowing the character buffer mybuff to overflow. When called from bash, anything after the 5th input character will end up being executed as a BASH command

Snippet

#include <stdio.h>
#include <unistd.h>

#define BUFLEN 5

void
readMyData()
{
  char mybuff[BUFLEN];
  while (1) {
    int r = read(0, mybuff, BUFLEN);
    if (r <= 0) return;
    mybuff[r] = 0;
    printf("You entered: %s\n", mybuff);
    return;
  }
}

void
main (){

    readMyData();

}

Usage Example

gcc example.c -o overflow
./overflow

1234 whoami

Keywords

Buffer, overflow, security, example, charbuffer,

Latest Posts

Urldecode string (LUA)
FFMPEG Convert YUV444p to YUV420p (BASH)
Forcing FFMPEG to honour segment length in HLS Stream Creator (BASH)
Force CURL to place request to a specific IP (BASH)
Set a variable only if it is undefined (Javascript)
Ignore query string with Nginx caching proxy (NGinx)
Get breakdown of UK and non-UK votes for a Parliamentary Petition (Python)
Decompress Mozilla Firefox jsonlz4 bookmark backup files (Python)
Setting Git author details for a single repo (Git)
Checking Virtual Machine Resource Allocations with Libvirt (BASH)

Copyright © 2019 Ben Tasker | Sitemap | Privacy Policy
Available at snippets.bentasker.co.uk and snippets.6zdgh5a5e6zpchdz.onion