How do I successfully test this trivial buffer overflow written in C?

Çağlar Arlı      -    17 Views

I am trying to test this example from StackOverflow (how-can-i-invoke-buffer-overflow), but I am not having success.
I also asked for clarification two weeks ago, directly on the post (through a comment) but there was still no answer (perhaps too old, 2010).
I am asking for a parsimonious way of making this work: compiler options, operating system configuration, or, if necessary, changes to the code to make it compliant with today's process/memory layout or able to surpass, at the least, today's OS security protections.
I tried my own guesses but nothing seems to work. I would like to avoid continuing to make superstitious attempts (compiler options that have nothing to do with it, operating system tinkering that has nothing to do with it) and opted to ask here in case an expert or a well-informed person comes up with a proposal or at least points to a promising path.

My result:

$ gcc overflow.c
$ ./a.out  
now inside f()!

Result supposed to happen:

nils@doofnase:~$ gcc overflow.c
nils@doofnase:~$ ./a.out
now inside f()!
now inside g()!
now inside g()!
now inside g()!
now inside g()!
now inside g()!
now inside g()!
Segmentation fault

Code:

#include <stdio.h>
#include <stdlib.h>

void g()
{
    printf("now inside g()!\n");
}

void f()
{
    int i;
    void * buffer[1];
    printf("now inside f()!\n");

    // can only modify this section
    // cant call g(), maybe use g (pointer to function)

    // place the address of g all over the stack:
    for (i=0; i<10; i++)
        buffer[i] = (void*) g;

    // and goodbye...
}

int main (int argc, char *argv[])
{
    f();
    return 0;
}

My machine:

x86_64 GNU/Linux 
6.10.9-amd64
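The loop in the question's f() stores ten pointers into a one-element array, so nine of the stores land on whatever the compiler placed next to buffer on the stack; what that is depends on the compiler, its optimisation level and the stack-protector settings, which is why the output differs between machines. As an added example (not code from the question or from the StackOverflow post it cites), below is the hardened counterpart of that loop: every store is checked against the real capacity of the destination, and the function reports how many writes it refused. The names fill_checked, refused_for and f_hardened are assumptions introduced for this example.

```c
#include <stdio.h>
#include <stddef.h>

/* Number of elements in a fixed-size array, evaluated at compile time. */
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

typedef void (*handler_fn)(void);

static void g(void)
{
    printf("now inside g()!\n");
}

/* Hardened form of the question's loop (name is an assumption for this
 * example): writes `value` into at most `capacity` slots of `dst`, however
 * many were requested. Returns the number of stores refused because they
 * would have landed outside the array. */
size_t fill_checked(handler_fn *dst, size_t capacity, handler_fn value, size_t requested)
{
    if (dst == NULL) {
        return requested;               /* nothing to write into: refuse all */
    }
    size_t n = requested < capacity ? requested : capacity;
    for (size_t i = 0; i < n; i++) {
        dst[i] = value;                 /* i < capacity is guaranteed here */
    }
    return requested - n;
}

/* Same shape as the question's f(): a one-element array and ten attempted
 * stores. Only the in-bounds slot is ever dereferenced. */
size_t f_hardened(void)
{
    handler_fn buffer[1];
    printf("now inside f_hardened()!\n");
    size_t dropped = fill_checked(buffer, ARRAY_LEN(buffer), g, 10);
    buffer[0]();                        /* legitimately set above */
    return dropped;
}

/* Helper for experimenting with other capacities: a scratch array of 16
 * slots is used, so larger capacities are clamped to what really exists. */
static handler_fn scratch[16];

size_t refused_for(size_t capacity, size_t requested)
{
    if (capacity > ARRAY_LEN(scratch)) {
        capacity = ARRAY_LEN(scratch);
    }
    return fill_checked(scratch, capacity, g, requested);
}

int main(void)
{
    size_t dropped = f_hardened();
    printf("refused %zu out-of-bounds writes\n", dropped);
    return 0;
}
```

The question's original loop can be caught at runtime rather than reasoned about: compiling it with `gcc -g -fsanitize=address overflow.c` makes AddressSanitizer abort on the first out-of-bounds store with a stack-buffer-overflow report naming the line, and `-fstack-protector-all` inserts a canary check that aborts on return from f() if the stores reached the saved frame data. Both are the checks to reach for when, as here, a program's observable behaviour after an overflow is not what some other machine produced.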