Buffer Overflow Lab

Simple Buffer Overflows

As previously stated, Strings are \0 terminated arrays of characters. The size of the array is specified when the array is declared. When the string is assigned a value via an assignment or input statement, this machine does not check the length of the input to the size of the array. This allows the char buffer to overflow into subsequent memory locations. The exact impact of the overflow depends on what is contained in the memory locations immediately after the buffer. If it is other data locations, the overflow will affect their values. If it is instructions, it can change the instruction to something else, or possibly result in an illegal instruction.

Step through the program and enter different values for the various input statements to see how excessively long strings affect subsequent locations. Note that you enter data in the white text box at the "Input>" prompt. Be sure to press enter, or nothing will happen!

When you are comfortable with your answers to the prior questions, now try being deliberate, and purposely enter strings to create an overflowed value in myInt. You should probably Google "Ascii table" to get a chart of values that will help you construct your strings.

When you enter 456 for myInt, ABCDEF for Buff2, XYZ for Buff1. The output is:

XYZ ABCDEF 456 *** END OF PROGRAM ***

When you enter 456 for myInt, ABCDEF for Buff2, XYZZY for Buff1. The output is:

Outputs: XYZZY Y 456 *** END OF PROGRAM ***

1. Explain what happened with the above output?

When you enter 456 for myInt, ABCDEFGHIJ for Buff2, XYZ for Buff1. The output is:

XYZ ABCDEFGHIJ 18762

2. Explain what happened?

3. Enter 5555 for myInt, then enter strings into Buff2 and Buff1 so that myInt gets changed to 20565 (base 10). Explain what you did.

4. Enter 5555 for myInt, then enter strings into Buff2 and Buff1 so that myInt gets changed to 85 (base 10). Explain what you did.

/* Simple buffer overflow example Memory between variables in memory Buffer Overflow Lab Addr Value 03ff 000