home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.lang.c
- Path: bunyip.cc.uq.oz.au!un!news
- From: al012@svtstu.seqeb.gov.au (Anthony Lee)
- Subject: Why isn't return address in the stack protected?
- X-Nntp-Posting-Host: 147.209.150.100
- Message-ID: <DLo4xF.MH@un.seqeb.gov.au>
- Sender: news@un.seqeb.gov.au (USENET News System)
- Organization: Your Organization
- X-Newsreader: WinVN 0.93.14
- Mime-Version: 1.0
- Date: Wed, 24 Jan 1996 04:39:14 GMT
-
- void log_event(void)
- {
- char message[256];
- int i;
-
- sprintf(message,
- " Event, node: %d, seq:%08.8x, type:%02.2d,
- length:%03.3d, data: ",
- nodeid, me.seqno, me.type, me.length);
-
- for ( i = 0; i < me.length; i++)
- sprintf(&message[strlen(message)],"%02.2x
- ",me.data.array[i] & 0xff);
- printf("%s\n", message);
-
- }
-
- In the above code if the me.length is such that the resultant
- string is longer than the size of message (> 256 bytes). Then
- my C program would happily sprintf into message. The problem is
- that it starts writing all over the stack causing the program
- to fall over. My question is why can't the run time environment
- protect the stack from such access and flag an error?
- --
- Anthony Lee These are my opinions and not SEQEB.
- SEQEB
- 150 Charlotte Street ..-- __o
- Brisbane ....-- _ \<,_
- Qld 4000 ____ (_)/ (_)
-
- Australia
- voice:+61 7 3407 4541 Death to the Daleks!!!!
- fax: +61 7 3407 4607
- email: AL012@svtstu.seqeb.gov.au
-
-
