Menu
Lets us consider the following program :
#include <stdlib.h>
int main(int argc, char **argv){
int a,b;
if (argc != 3)
return -1;
a = atoi(argv[1]);
b = atoi(argv[2]);
a = b ? a/b : 0;
return a;
}
The task is to crash the program by providing arguments in command-line.
270
Command-line arguments are given after the name of the program in command-line shell of Operating Systems. To pass command line arguments, we typically define main() with two arguments : first argument is the number of command line arguments and second is list of command-line arguments.
Go by Example: Command-Line Arguments os. Args provides access to raw command-line arguments. Note that the first value in this slice is the path to the program, and os. Args[1:] holds the arguments to the program.
Pass a as the platform's INT_MIN and b as -1. Then you get an overflow error on any two's complement machine, although that's not necessarily a crash.
164
The answer to this question is: It depends.
One of the critical pieces of information you need to know is how atoi is implemented and if it's standards compliant. The standard says very little about implementation details and is more specific on the input output behavior. Lets assume for a minute it's indeed standards compliant and focus on the implementation.
There are several methods which can be validly used and one of them is recursively. Lets assume for a second that it's implemented as a head recursive algorithm which forces a build up of stack. I could then cause this program to crash by providing a long enough argument that it forced atoi to recurse deep enough to stack overflow and hence crash the application.
34
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
