C: Why does my 'buffer overflow' program not cause a buffer overflow on Windows, but overflows when run on Linux?

I am currently learning about buffer overflows and wrote an example in C that uses two buffers, where buffer 2 is deliberately given more bytes than it should be able to hold. On Windows, however, it somehow shows the extra bytes still inside buffer 2, while buffer 1, which should have been overwritten, keeps its original bytes intact. The only change I noticed is that when I passed twice as many bytes as the buffer can hold, buffer 1 ended up completely empty. When I run exactly the same program on a Linux machine, however, buffer 1 is successfully overflowed by the excess bytes from buffer 2. So my question is: what is happening on Windows that prevents me from getting the same output? And, if possible, how can I fix it?
```c
#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[]) {
    int value = 5;
    char buffer_one[8], buffer_two[8];

    if (argc < 2) { /* argv[1] is read below, so require one argument. */
        fprintf(stderr, "usage: %s <string>\n", argv[0]);
        return 1;
    }

    strcpy(buffer_one, "one"); /* Put "one" into buffer_one. */
    strcpy(buffer_two, "two"); /* Put "two" into buffer_two. */
    printf("[BEFORE] buffer_two is at %p and contains '%s'\n", (void *)buffer_two, buffer_two);
    printf("[BEFORE] buffer_one is at %p and contains '%s'\n", (void *)buffer_one, buffer_one);
    printf("[BEFORE] value is at %p and is %d (0x%08x)\n", (void *)&value, value, value);
    /* strlen() and sizeof yield size_t, so cast before printing with %d. */
    printf("\n[STRCPY] copying %d bytes into buffer_two which has %d bytes \n\n", (int)strlen(argv[1]), (int)sizeof(buffer_two));
    strcpy(buffer_two, argv[1]); /* Copy first argument into buffer_two (deliberately unbounded). */
    printf("SIZE OF BUFFER_TWO: %d\n", (int)sizeof(buffer_two));
    printf("IN BUFFER 2: %d bytes\n", (int)strlen(buffer_two));
    printf("IN BUFFER 1: %d bytes\n", (int)strlen(buffer_one));
    printf("[AFTER] buffer_two is at %p and contains '%s'\n", (void *)buffer_two, buffer_two);
    printf("[AFTER] buffer_one is at %p and contains '%s'\n", (void *)buffer_one, buffer_one);
    printf("[AFTER] value is at %p and is %d (0x%08x)\n", (void *)&value, value, value);
    return 0;
}
```
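Writing past allocated memory is undefined behavior. What is "undefined behavior" supposed to do? The buffer overflows on Windows too, but because the variables may be laid out differently on Windows, the overflow did not produce the result you expected. Either way: undefined behavior includes "apparently works fine" and "something beyond what I expected".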
**The Execution Commands**

```
overflow 123456789012345
```

**The output:**

```
[BEFORE] buffer_two is at 000000000062FE00 and contains 'two'
[BEFORE] buffer_one is at 000000000062FE10 and contains 'one'
[BEFORE] value is at 000000000062FE1C and is 5 (0x00000005)
[STRCPY] copying 15 bytes into buffer_two which has 8 bytes
SIZE OF BUFFER_TWO: 8
IN BUFFER 2: 15
IN BUFFER 1: 3
[AFTER] buffer_two is at 000000000062FE00 and contains '123456789012345'
[AFTER] buffer_one is at 000000000062FE10 and contains 'one'
[AFTER] value is at 000000000062FE1C and is 5 (0x00000005)
```
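
The addresses in the output above account for the Windows result, worked through here as an added example (not code from the original post): buffer_one starts 0x10 bytes above buffer_two, so the 16 bytes that strcpy writes for a 15-character argument end just short of it. The helper names are hypothetical, and main only measures the layout chosen by whatever compiler builds it, without performing the overflow.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bytes strcpy() writes for a string of length len: the characters plus the NUL. */
static size_t bytes_written(size_t len) { return len + 1; }

/* Bytes written past the end of the destination array itself (the actual bug). */
static size_t bytes_past_end(size_t dst_size, size_t len)
{
    size_t n = bytes_written(len);
    return n > dst_size ? n - dst_size : 0;
}

/*
 * How many bytes of a copy into dst land at or beyond neighbor.
 * Returns 0 when neighbor sits below dst or the copy stops short of it.
 */
static size_t bytes_into_neighbor(uintptr_t dst, uintptr_t neighbor, size_t len)
{
    if (neighbor <= dst)
        return 0;                       /* copy grows upward, away from neighbor */
    size_t gap = (size_t)(neighbor - dst);
    size_t n = bytes_written(len);
    return n > gap ? n - gap : 0;
}

int main(int argc, char *argv[])
{
    char buffer_one[8], buffer_two[8];  /* same declarations as on the page */
    size_t len = argc > 1 ? strlen(argv[1]) : 15;   /* 15 = length used on the page */
    uintptr_t one = (uintptr_t)buffer_one, two = (uintptr_t)buffer_two;

    printf("buffer_two at %p, buffer_one at %p\n",
           (void *)buffer_two, (void *)buffer_one);
    printf("%zu chars: %zu bytes past buffer_two, %zu bytes into buffer_one\n",
           len, bytes_past_end(sizeof buffer_two, len),
           bytes_into_neighbor(two, one, len));
    return 0;
}
```

With the page's addresses, a 16-character argument is the first to touch buffer_one: its terminating NUL lands on buffer_one[0], which is why the string then prints as empty.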