1
votes
#include <stdio.h>
#include <string.h>   /* for strcpy */

int myprint(char* argv1) {
    return printf("%s", argv1);
}

void foo(char* argv1, char* argv2) {
    int (*fptr)(char*) = myprint;   /* function pointer stored next to buf on the stack */
    char buf[12];
    strcpy(buf, argv1);             /* no bounds check: this is the overflow */
    fptr(argv2);
}

int main(int argc, char **argv) {
    if (argc < 3) {
        printf("error\n");
        return 1;
    }
    foo(argv[1], argv[2]);
    return 0;
}

This is the C code I want to overflow. I have already disabled ASLR. What do I do next?

1

1 Answer

1
votes

=======1=======

In your function foo, the following line will cause a buffer overflow:

strcpy(buf, argv1); 

because the length of buf is only 12 (char buf[12]).

strcpy will copy the bytes from the source address argv1 to buf until it encounters a '\0' in argv1.

So if you give an argv1 whose length is larger than 12, you will get a buffer overflow.

=======2=======

int main(int argc, char **argv)

The parameter int argc is the number of command-line parameters, and the next parameter char **argv is a pointer to those parameters, argv[0] being the name of your program. So, compile your code like this (say the source file is test.c):

gcc test.c -o test

and then run it like this:

./test this_is_argv1_its_length_larger_than_12 this_is_argv2
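To make the answer's point concrete, here is an added example (not code from the question or the answer) that models what the overflow does to foo's frame. The struct foo_frame below is an assumption: it places buf and fptr next to each other the way the question's foo() declares them, but the real stack layout is chosen by the compiler and must be checked in a debugger. The example computes how many bytes strcpy writes past buf, builds the kind of argv[1] that reaches fptr, shows the function pointer being replaced with an attacker-chosen address, and contrasts strcpy with a bounded copy. The function names (strcpy_overflow_bytes, build_payload, simulate_overwrite, copy_bounded, evil) are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed model of foo()'s locals: buf first, then the function pointer.
 * Real stack layout is compiler-dependent; confirm it with gdb. */
struct foo_frame {
    char buf[12];
    int (*fptr)(char *);
};

int myprint(char *s) { return printf("%s", s); }

/* Stand-in for whatever function the attacker wants fptr to point at. */
int evil(char *s) { (void)s; return 42; }

/* How many bytes strcpy(buf, src) writes past a buffer of bufsize bytes.
 * strcpy copies the terminating '\0' too, so a 12-character string already
 * overflows a 12-byte buffer by one byte. Returns 0 when it fits. */
size_t strcpy_overflow_bytes(const char *src, size_t bufsize) {
    size_t needed = strlen(src) + 1;
    return needed > bufsize ? needed - bufsize : 0;
}

/* Build the argv[1] shape an attacker would use: filler up to fptr, then the
 * target address in native byte order. Caveat for the real program: strcpy
 * stops at the first 0x00 byte, so an address containing a zero byte cannot
 * be delivered whole through a command-line argument. */
size_t build_payload(unsigned char *out, size_t cap, int (*target)(char *)) {
    size_t off = offsetof(struct foo_frame, fptr);
    if (cap < off + sizeof target) return 0;
    memset(out, 'A', off);
    memcpy(out + off, &target, sizeof target);
    return off + sizeof target;
}

/* Replay the overflow against the model frame. memcpy over the whole struct is
 * what strcpy into buf effectively does once the argument is long enough.
 * Returns 1 if fptr was overwritten, and reports the resulting pointer. */
int simulate_overwrite(const unsigned char *payload, size_t len,
                       int (**out_fptr)(char *)) {
    struct foo_frame frame;
    memset(&frame, 0, sizeof frame);
    frame.fptr = myprint;
    if (len > sizeof frame) len = sizeof frame;  /* stay inside the model */
    memcpy(&frame, payload, len);
    if (out_fptr) *out_fptr = frame.fptr;
    return frame.fptr != myprint;
}

/* Hardened replacement for the strcpy in foo(): never writes past dstsize
 * and always terminates. Returns 1 if the input had to be truncated. */
int copy_bounded(char *dst, size_t dstsize, const char *src) {
    size_t n = strlen(src);
    size_t m;
    if (dstsize == 0) return 1;
    m = n >= dstsize ? dstsize - 1 : n;
    memcpy(dst, src, m);
    dst[m] = '\0';
    return n >= dstsize;
}

int main(void) {
    /* Constructed sample argument from the answer above. */
    const char *arg = "this_is_argv1_its_length_larger_than_12";
    unsigned char payload[64];
    int (*got)(char *) = NULL;
    size_t n;

    printf("strcpy writes %zu bytes past buf[12]\n",
           strcpy_overflow_bytes(arg, 12));

    n = build_payload(payload, sizeof payload, evil);
    if (simulate_overwrite(payload, n, &got))
        printf("fptr redirected, target returns %d\n", got("x"));

    char safe[12];
    printf("bounded copy truncated: %d -> \"%s\"\n",
           copy_bounded(safe, sizeof safe, arg), safe);
    return 0;
}
```

One caveat for the compile step shown in the answer: many distributions ship gcc with the stack protector enabled by default, in which case the real program aborts with a "stack smashing detected" message before the overwritten fptr is ever called. For the exercise, build with -fno-stack-protector and confirm the actual distance between buf and fptr in gdb rather than trusting the model above.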