[OCLUG-devel] arrays

James Colannino james at colannino.org
Sun May 29 11:01:21 PDT 2005


Christopher Smith wrote:

> C doesn't have any bounds checking so it's not going to stop you from
> accessing data outside the array. Now, depending on how the allocator
> is setup, there may be some "padding" around your array that prevents
> really bad things from happening. In terms of what could go wrong?
> Well, this is a classic example of how stack overflows occur. You're
> writing past the end of the stack-allocated array, which means you're
> writing all over the stack. I'm guessing you aren't having a problem
> because you're exiting immediately after this. However, if this was in
> a subroutine, then when you return, the subroutine would pop off the 5
> bytes of your array and any arguments that were passed in, and then
> pop off the return address. If the return address has been overwritten
> by your array data, then it'll jump somewhere unanticipated. In most
> cases this will be a segmentation fault because it'll be a totally
> invalid address (which should be happening in this case). Sometimes
> though, you can be unfortunate enough to write in an address that is
> valid, at which your program will jump to that location and attempt to
> execute instructions. Very, very messy.


Chris, thanks for the info.  That's very interesting.  I'm guessing
that's how some programs are exploited and made to run arbitrary
instructions.

James

-- 
My blog: http://www.crazydrclaw.com/
My homepage: http://james.colannino.org/

"A well regulated militia being necessary to the security of a free
state, THE RIGHT of the people to keep and bear arms SHALL NOT BE
INFRINGED." --United States Constitution, Second Amendment

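An added illustration of the point Chris makes (example code written for this page, not something posted to the thread): the unchecked loop below is the pattern that walks off the end of a 5-byte stack array, and the checked versions beside it take the capacity explicitly and refuse the write instead of spilling into the neighbouring stack slots. Names such as fill_checked and copy_bounded are invented for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Capacity of a real array (not a pointer); used so the bound cannot drift
   from the declaration. */
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Deliberately unchecked, as in the thread: with count > 5 the loop keeps
   storing past buf[4] into whatever sits above it on the stack (saved
   registers, the return address). Kept only for comparison; not called. */
void fill_unchecked(int count) {
    char buf[5];
    for (int i = 0; i < count; i++)
        buf[i] = 'A';           /* nothing compares i against 5 */
    (void)buf;
}

/* Hardened form: the caller passes the capacity and the request is rejected
   before the first store. Returns bytes written, or -1 on overflow. */
int fill_checked(char *buf, size_t cap, size_t count, char value) {
    if (buf == NULL || count > cap)
        return -1;
    for (size_t i = 0; i < count; i++)
        buf[i] = value;
    return (int)count;
}

/* Same rule for strings: refuse when the text plus its NUL does not fit,
   so the caller learns the input was too long instead of silently losing
   bytes or overrunning the buffer. Returns length copied, or -1. */
int copy_bounded(char *dst, size_t cap, const char *src) {
    size_t n = strlen(src);
    if (dst == NULL || cap == 0 || n >= cap)
        return -1;
    memcpy(dst, src, n + 1);    /* n + 1 <= cap, so the NUL fits */
    return (int)n;
}

/* A 5-byte stack array, as in the original question: 5 bytes fit, a sixth
   is refused rather than written over the stack. Returns 1 when both
   outcomes are as expected. */
int demo_stack_array(void) {
    char buf[5];
    int ok  = fill_checked(buf, ARRAY_LEN(buf), 5, 'x');  /* 5 */
    int bad = fill_checked(buf, ARRAY_LEN(buf), 6, 'x');  /* -1 */
    return (ok == 5 && bad == -1) ? 1 : 0;
}

int main(void) {
    printf("checked 5-byte array demo: %s\n", demo_stack_array() ? "ok" : "FAIL");
    return 0;
}
```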