Author profile

Seven years of game server development; proficient in C/C++, JavaScript and PHP; familiar with Linux, MySQL/Redis and Elasticsearch; open-source enthusiast. GitHub: https://github.com/yuyunliuhen

Category: C/C++

2013-04-13 12:59:15

1. Out-of-bounds data access, illustrated below with four common string operations
(1) Unbounded string copy
code:


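    #include <string.h>
    int main(int __argc,char* __argv[])
    {
        //    unbounded string copy
        char __desc[10];
        strcpy(__desc,__argv[1]);    // no length check: "0123456789" needs 11 bytes with its NUL
        strcat(__desc," and ");      // appends further past the end of __desc
        strcpy(__desc,__argv[2]);    // __argv[2] is NULL when only one argument is passed (line 8 in the log)
        return 0;
    }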


usage:


    valgrind --tool=memcheck --log-file=memcheck.log ./memcheck_test 0123456789
output:

==2592== Memcheck, a memory error detector
==2592== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==2592== Using Valgrind-3.6.1-Debian and LibVEX; rerun with -h for copyright info
==2592== Command: ./memcheck_test 0123456789
==2592== Parent PID: 1974
==2592==
==2592== Invalid read of size 1
==2592==    at 0x4C2983B: __GI_strcpy (mc_replace_strmem.c:313)
==2592==    by 0x4005EF: main (memcheck_test.cc:8)
==2592==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==2592==
==2592==
==2592== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==2592==  Access not within mapped region at address 0x0
==2592==    at 0x4C2983B: __GI_strcpy (mc_replace_strmem.c:313)
==2592==    by 0x4005EF: main (memcheck_test.cc:8)
==2592==  If you believe this happened as a result of a stack
==2592==  overflow in your program's main thread (unlikely but
==2592==  possible), you can try to increase the size of the
==2592==  main thread stack using the --main-stacksize= flag.
==2592==  The main thread stack size used in this run was 8388608.
==2592==
==2592== HEAP SUMMARY:
==2592==     in use at exit: 0 bytes in 0 blocks
==2592==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==2592==
==2592== All heap blocks were freed -- no leaks are possible
==2592==
==2592== For counts of detected and suppressed errors, rerun with: -v
==2592== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
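
A bounded version of the copy above, as an added example that is not part of the original post. The log reports only the read of the NULL `__argv[2]` at line 8, because Memcheck does not bounds-check stack arrays such as `__desc`, so the overflow itself has to be prevented in code. `join_args` is a hypothetical helper, and it assumes the intent was to build "<arg1> and <arg2>".

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the original post): writes "<a> and <b>"
 * into dst without ever writing past dst[dstsz - 1].
 * Returns 0 on success, -1 if an argument is missing, -2 if the result
 * would not fit (dst is then left as an empty string). */
int join_args(char *dst, size_t dstsz, const char *a, const char *b)
{
    if (dst == NULL || dstsz == 0)
        return -1;
    dst[0] = '\0';
    if (a == NULL || b == NULL)          /* the NULL argv[2] case from the log */
        return -1;

    /* snprintf never writes more than dstsz bytes and returns the length
     * the full string would have had, so truncation is detectable. */
    int need = snprintf(dst, dstsz, "%s and %s", a, b);
    if (need < 0 || (size_t)need >= dstsz) {
        dst[0] = '\0';                   /* do not hand back a truncated string */
        return -2;
    }
    return 0;
}

int main(int argc, char *argv[])
{
    char desc[10];                       /* same size as __desc in the post */

    if (argc < 3) {                      /* validate before reading argv[1], argv[2] */
        fprintf(stderr, "usage: memcheck_test <first> <second>\n");
        return 2;
    }
    if (join_args(desc, sizeof desc, argv[1], argv[2]) != 0) {
        fprintf(stderr, "input too long for %zu-byte buffer\n", sizeof desc);
        return 1;
    }
    puts(desc);
    return 0;
}
```

Run under the same valgrind command line from the post, this version exits with the usage message instead of faulting at address 0x0.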
