Gerardo Richarte [Tue, Feb 12, 2002 at 07:18:28PM -0300]:
> Claes Nyberg wrote:
>
> > $ cat test.c
> > int main(int argc,char *argv[]) {
> >         char buf[256];
> >
> >         strcpy(buf,argv[1]);
> >         exit(1);
> > }
> PS: Anyway, don't always believe what everybody said... there are situations where it is
> exploitable... different platforms, different architectures maybe. And I've seen really
> creative answers to the problem too

This is kinda tricky for beginners:

    char *string = "Test string";
    char *buf = (char *)malloc(strlen(string));
    strcpy(buf, string);
    puts(buf);

On FreeBSD it worked, but sometimes the output contained some random chars at
the end of the string. Simply, strlen() returns length of string without
the null byte. But - when I compiled the code with mingw32 and ran it on
Windows, it refused to work (no output, just a window about application and
invalid operation).

-- 
::( Michał Pasternak
::( http://lublin.t1.pl
::( +48606570000
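Added example, not part of the original messages: the two copies discussed above (the heap buffer sized with strlen() and the fixed 256-byte stack buffer) written so the terminating NUL is always accounted for. The helper names storage_size, dup_string and copy_bounded are hypothetical, chosen for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bytes a C string occupies: strlen() characters plus the terminating NUL. */
size_t storage_size(const char *s) {
    return strlen(s) + 1;
}

/* Heap case: allocate strlen+1, check the allocation, copy NUL included.
 * Returns NULL on bad input or allocation failure; caller frees. */
char *dup_string(const char *s) {
    if (s == NULL) return NULL;
    size_t n = storage_size(s);
    char *buf = malloc(n);
    if (buf == NULL) return NULL;
    memcpy(buf, s, n);
    return buf;
}

/* Stack case: copy only if src and its NUL fit in dst_size bytes.
 * Returns 0 on success, -1 (dst set to "") when src is NULL or too long. */
int copy_bounded(char *dst, size_t dst_size, const char *src) {
    if (dst == NULL || dst_size == 0) return -1;
    if (src == NULL || storage_size(src) > dst_size) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, storage_size(src));
    return 0;
}

int main(int argc, char *argv[]) {
    const char *string = "Test string";   /* sample input from the message */
    char buf[256];

    printf("strlen=%zu, bytes needed=%zu\n", strlen(string), storage_size(string));

    char *copy = dup_string(string);
    if (copy == NULL) return 1;
    puts(copy);
    free(copy);

    /* argv[1] is NULL when no argument is given; copy_bounded rejects that. */
    if (copy_bounded(buf, sizeof buf, argc > 1 ? argv[1] : NULL) != 0) {
        fputs("argument missing or longer than 255 bytes\n", stderr);
        return 1;
    }
    puts(buf);
    return 0;
}
```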
This archive was generated by hypermail 2b30 : Tue Feb 12 2002 - 15:02:10 PST