CSCI 2400 Lecture Notes - Lecture 9: C Dynamic Memory Allocation, Windows Live Messenger, Finger Protocol
Document Summary
Check the ulimit command to see the stack limit on the machine. Functions store local data in the stack frame. Recursive functions cause deep nesting of frames. An overflow happens when exceeding the memory size allocated for an array. It's the #1 technical cause of security vulnerabilities. The #1 overall cause is social engineering / user ignorance. Particularly for bounded character arrays on the stack. No way to specify a limit on the number of characters to read. strcpy, strcat: copy strings of arbitrary length. scanf, fscanf, sscanf, when given the %s conversion specification. Overwrite normal return address a with address of some other code s. When q executes ret, it will jump to the other code. This is the reason gcc needs to be given an option, else it will compile the program with overflow protection. Let's compile the program with both options and check it. 2 objects smashing and overflow, in overflow 23 characters are used wherein smashing you can give.
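The notes name strcpy and the %s conversion as calls that put no limit on how much is written into a bounded stack array. The following is an added example, not code from the lecture, showing bounded replacements for both; the helper names bounded_copy and bounded_scan, the 8-byte buffer and the 23-character input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Copy src into dst, which holds dstsize bytes including the terminator.
 * Returns 0 when src fits, -1 when it had to be truncated.
 * dst is always NUL-terminated when dstsize > 0. */
int bounded_copy(char *dst, size_t dstsize, const char *src)
{
    if (dstsize == 0)
        return -1;
    size_t n = strlen(src);
    if (n >= dstsize) {
        memcpy(dst, src, dstsize - 1);
        dst[dstsize - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

/* Read one whitespace-delimited word from input with a width-limited %s.
 * The width is dstsize - 1 so the terminator always fits.
 * Returns the number of characters stored, or -1 when nothing was read. */
int bounded_scan(const char *input, char *dst, size_t dstsize)
{
    char fmt[32];
    if (dstsize < 2)
        return -1;
    snprintf(fmt, sizeof fmt, "%%%zus", dstsize - 1); /* e.g. "%7s" */
    if (sscanf(input, fmt, dst) != 1)
        return -1;
    return (int)strlen(dst);
}

int main(void)
{
    char buf[8];
    const char *input = "AAAAAAAAAAAAAAAAAAAAAAA"; /* constructed, 23 chars */

    /* strcpy(buf, input) or sscanf(input, "%s", buf) would write 24 bytes
     * into the 8-byte buf and run over the rest of the stack frame. */
    int rc = bounded_copy(buf, sizeof buf, input);
    printf("bounded_copy -> %d, buf=\"%s\"\n", rc, buf);
    rc = bounded_scan(input, buf, sizeof buf);
    printf("bounded_scan -> %d, buf=\"%s\"\n", rc, buf);
    return 0;
}
```

Both helpers report truncation to the caller instead of writing past the array, so the saved return address is never reached regardless of input length.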