I'm reading Hacking: The Art of Exploitation (2nd Edition), and I'm currently on the section about buffer overflows.
In the first example, the variables are declared/initialized in this order:
int auth_flag = 0;
char password_buffer[16];
The example goes on to explain that you can use gdb to examine auth_flag and password_buffer's addresses, and you'll notice that auth_flag's address is higher than password_buffer's.
Things to keep in mind: I'm running all of this in Ubuntu within VirtualBox on a MacBook Pro (Intel processor, 64-bit).
I compiled the first example's code like this: gcc -g -fno-stack-protector -o auth_overflow auth_overflow.c
As expected, auth_flag's address is higher than password_buffer's.
To remedy the problem presented above, the author explains you should switch the ordering of the declarations:
char password_buffer[16];
int auth_flag = 0;
I compiled the code the same way: gcc -g -fno-stack-protector -o auth_overflow2 auth_overflow2.c
Unfortunately, I did not see auth_flag's address being lower than password_buffer's. In fact, it was still higher. Why is this? What am I doing wrong?
The compiler is allowed to choose whatever order it wants, in order to provide more optimal code, or even just at random because it's easier to implement. One thing you might try is the -O0 flag, which disables all optimizations.
Compilers are free to rearrange variables as they feel is best. I believe that the only restriction is the order of struct members. Those must be in memory in the same order as declared in the struct.
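As an added illustration (not code from the book or from either answer), the following C program does from within the program the address comparison the question does in gdb, contrasts it with the struct layout rule from the last answer, and shows the bounds check that makes the ordering of the two locals irrelevant. The function and struct names are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 1 if the compiler placed auth_flag at a higher address than password_buffer,
 * else 0. C does not fix the order of separate locals, so this may vary. */
int flag_is_above_buffer_as_locals(void)
{
    volatile int auth_flag = 0;          /* volatile: keep both on the stack */
    volatile char password_buffer[16];
    password_buffer[0] = '\0';
    return (uintptr_t)&auth_flag > (uintptr_t)password_buffer;
}

/* Same two variables as struct members: C lays members out in declaration
 * order at increasing offsets, so the flag is always above the buffer. */
struct auth_frame {
    char password_buffer[16];
    int auth_flag;
};
int flag_is_above_buffer_in_struct(void)
{
    return offsetof(struct auth_frame, auth_flag) >
           offsetof(struct auth_frame, password_buffer);
}

/* The real fix is independent of layout: copy the password only if it fits
 * (terminator included), otherwise refuse and leave dst empty. */
int copy_password_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t n = strlen(src);
    if (n >= dst_size) {
        dst[0] = '\0';
        return 0;
    }
    memcpy(dst, src, n + 1);
    return 1;
}

int main(void)
{
    char buf[16];
    printf("locals: flag above buffer? %d\n", flag_is_above_buffer_as_locals());
    printf("struct: flag above buffer? %d\n", flag_is_above_buffer_in_struct());
    printf("15 chars accepted? %d\n", copy_password_bounded(buf, sizeof buf, "123456789012345"));
    printf("16 chars accepted? %d\n", copy_password_bounded(buf, sizeof buf, "1234567890123456"));
    return 0;
}
```

Compile it with and without -O0 (and with -fno-stack-protector, as in the question) and the first line may change; the second never does.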