I'm currently learning about buffer overflows in C, and I'm following this video as a tutorial.
So I have the following code:
#include <stdio.h>
#include <string.h>
int main(int argc, char *argv[]){
    char buf[256];
    /* No bounds check: overflows buf when argv[1] is longer than 255 bytes */
    strcpy(buf, argv[1]);
    printf("%s,", buf);
    return 0;
}
And I compile it in a way that should disable ASLR:
$ gcc buf.c -o buf -no-pie -fno-PIE
I then use gdb to find the location of the buffer I want to target. After that I try to see if I can provoke a segmentation fault by inputting a string that is too large into the program:
(gdb) run $(python3 -c "print('A'*265)")
Starting program: /home/ask/Notes/ctf/bufoverflow/code/buf $(python3 -c "print('A'*265)")
*** stack smashing detected ***: terminated
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
And much like I expected, this results in the program terminating with an error.
But in the video that I have been looking at, the error that is provoked by this behavior is the Segmentation fault (SIGSEGV).
When I look up these two errors, it makes sense that I get the stack smashing error, since I am reaching out of bounds on the stack.
It seems like the stack smashing is raised before the SIGSEGV error is even hit.
So my question is, why can it be that one example gets one error, while I get the other? Does this likely have to do with the machine that I am running it on, and which protective settings are on it, or is something else to blame?