On Thu, Jul 12, 2012 at 8:09 PM, Ernesto Messina
<ernesto.mess...@gmail.com> wrote:
> Hello, I think I found an overflow bug. I got the following C program:
>
> #include <stdio.h>
> #include <string.h>
>
> int main(int argc, char *argv[])
> {
>     char a[10];
>     int i;
>
>     strcpy(a, argv[1]);
>
>     return 0;
> }
>
> Compiling with: gcc program.c -o program
> And running: program `perl -e 'print "a" x 24'`
>
> The terminal loses the control, entering into an infinite buckle, and

bash is not the terminal and is not involved once the program runs,
and yes, writing buggy programs can cause buggy behaviour. On this
system man strcpy says under BUGS:

       If the destination string of a strcpy() is not large enough, then
       anything might happen.  Overflowing fixed-length string buffers is a
       favorite cracker technique for taking complete control of the machine.


PS: "infinite loop" not "infinite buckle"
