buffer overflow not affecting const variable?

2018-06-29 13:21:53

I don't know much about hacking, c, assembly, memory and all that stuff so I coudln't resolve my question by my self.

So, buffer overflow overflows into other address of variables and corrupts them. So I tested and it really does. And I thought that if it can overflow constant variable buffer overflow must be super powered and I tested, but it doesn't overflow const variable.

Why is that?

int a;
char buffer[8];

and

const int a;
char buffer[8];

has address of variable 'buffer' in front of address of variable 'a' by size of the 'buffer'. Is there something special in const variable when allocated to a memory?

my sample code:

#include <stdio.h>
#include <string.h>

int main() {
    char buffer1[8];
    const int a=0;                      //vs int a=0;
    char buffer2[8];

    strcpy(buffer1,"one");
    strcpy(buffer2,"two");

    printf("Buffer 2    [%p]: %sn",buffer2,buffer2);
    printf("a           [%p]: %dn",&a,a);
    printf("Buffer 1    [%p]: %sn",buffer1,buffer1);

    printf("nCopy Buffernn");
    strcpy(buffer2,"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");

    printf("Buffer 2    [%p]: %sn",buffer2,buffer2);
    printf("a           [%p]: %dn",&a,a);
    printf("Buffer 1    [%p]: %sn",buffer1,buffer1);

    return 0;
}

Three things come to mind:

This is undefined behavior, so all bets are off the table.

The compiler doesn't even have to look at what a is. If I were a compiler, I would just look at that code and say " a is always zero, so I'm just going to go ahead and replace a with 0 ." The thing is, when you say printf("%p %d", &a, a); , the compiler doesn't even have to get the contents of a . It knows it's going to be zero, always and forever.* So it can just change that code to printf("%p %d", &a, 0); .

Even if a were not const , the compiler would be allowed to "cache" the value of a in a register. It only needs to look up the value once, and then it knows that a never changes*, so it can reuse the value it looked up from before.

*Compilers will make a lot of assumptions, like "this code doesn't invoke undefined behavior." If you invoke undefined behavior, the compiler might make some "wrong" assumptions. Which it probably does, in this case.

Buffer Overflow is UB, so anything can happen.

Also, your compiler could optimize away your const variable, because it has a constant value determined at compile time.

An implementation is allowed to put a const -qualified object in a different memory segment altogether, so that may be why it isn't affected (emphasis on may; since behavior on buffer overflow is undefined, there could be any number of reasons).

Online C 2011 standard, section 6.7.3, footnote 132:

The implementation may place a const object that is not volatile in a read-only region of storage. Moreover, the implementation need not allocate storage for such an object if its address is never used.

链接地址: http://www.djcxy.com/p/82502.html

上一篇: 为什么我们使用堆来存储内存？

下一篇: 缓冲区溢出不影响const变量？