Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Valgrind won't detect buffer overflow

Tags:

c

valgrind

buffer-overflow

#include <stdio.h>
main()
{     
    char buf[8];
    sprintf(buf,"AAAA%3s","XXssssssssXXXsssssXXX");
    printf("%s\n",buf);
}

I expected valgrind to detect a buffer overflow with the above code. But it does not report any errors or warnings. Do I need to enable any special flags for that?

like image 265
webminal.org Avatar asked Apr 24 '15 08:04

webminal.org

1 Answers

From Valgrind Tutorial

What valgrind is NOT

Although valgrind is an extremely useful program, it will not miraculously tell you about every memory bug in your program. There are several limitations that you should keep in mind. It does not do bounds checking on stack/static arrays ..

like image 128
Dayal rai Avatar answered Oct 18 '22 08:10

Dayal rai
Sign in to Comment

Related questions

Cost of a page fault trap
Typedefs and printf format specifiers
Can't assign values to variable and pointer [duplicate]
Definition of main() in C [duplicate]
break in do while loop
__vdso_time missing from core utils?
C String Literal "too big for character"
Why do we need to add a '\0' (null) at the end of a character array in C?
Maximum size of a bit field in C or C++? [duplicate]
Debug fork() in eclipse cdt
Runtime Memory allocation on stack
note: previous implicit declaration of ‘point_forward’ was here
__isoc99_scanf and scanf
In what languages besides C can I write a C library?
open() doesn't set O_CLOEXEC flag
Why is h_addr_list in struct hostent a char ** instead of struct in_addr **?
Nameless union inside a union
Difference in floating point arithmetics between x86 and x64
What is MODULE_ALIAS in Linux device driver code?
How to struct unpack c null terminated string?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!