pointers - C - Buffer on heap not lost after exec but saved on stack


I am studying stack buffer overflows and saw something that made me think. First of all, the operating system is Damn Vulnerable Linux, kernel 2.6.20, and ASLR is disabled.

The fact I knew is that when you call an exec function inside a C program, the memory in the heap and stack is zeroed and lost. But if I allocate a buffer on the heap (malloc) and pass the pointer to the buffer as an argument to the program executed by the exec function, the data inside the buffer (in the heap) is saved on the stack. At the end of the exec I have the buffer (that was in the heap before) on the stack. In order to make it clearer, here's an example:

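program: bingo

    #include <stdlib.h>
    #include <unistd.h>   /* execl */

    int main(int argc, char *argv[]) {
        int i;
        char *buffer = malloc(600);   /* heap allocation */
        for (i = 0; i < 600; i++) {
            buffer[i] = 'a';
        }
        buffer[600 - 1] = 0;
        /* the argument list must end with a null pointer of type char * */
        execl("./test", "test", buffer, (char *)NULL);

        free(buffer);   /* reached only if execl fails */
        return 0;
    }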

And test is a simple program.

program: test

    #include <stdio.h>    /* printf */
    #include <stdlib.h>

    int main(int argc, char *argv[]) {
        printf("hello world\n");
        return 0;
    }

Now if I debug the bingo program with gdb, I can see that the content of the buffer (all a's) that was put in the heap is copied onto the stack during the execl function. At the end of the execution of the program the heap is zeroed, but the content of the buffer has been copied onto the stack. My explanation is that this happens because it is the way the content of the buffer is made available to the executed program (test). I'd like to know if this behaviour is normal. My doubt was: when I call the execl function I pass a pointer as an argument to the executed program (test), because buffer is a pointer. So my (probably stupid) question is: shouldn't the pointer be passed to the executed program, and not the content pointed to by the pointer?

Thank you

The reason the buffer is copied to the stack is that it is being passed as a parameter, argv[1] in ./test. The buffer variable references a memory location in bingo. Heap allocations do not persist when a process exits.

Note: suppose buffer references 0xfff123 in the memory of the bingo process. That is a virtual (process-specific) address. 0xffff123 may not be mapped in ./test. Passing the pointer 0xfff123 is not guaranteed to do what you think.

After execl is called successfully, bingo exits at that point, the memory associated with the process is lost, and free(buffer) never executes.

Answer: no. A process's heap allocation does not persist across processes. Shared memory objects in the kernel are persistent, but the results of a malloc invocation are not.

I'm not sure where your confusion lies, so this is my best guess.

Relative addressing example:

Processes all have a 0x00000000 (on 32 bit) address. If the kernel mapped every process to the same physical address, each process would share 0x0000000, which cannot physically happen. So the kernel changes the virtual address (the 0x0000000) to a real physical address like 0x3535fffa. A pointer in a process "aimed at" 0x00000000 virtual is really at 0x3535fffa.

What this means is that you cannot directly pass heap pointers between processes. It won't work. The pointer 0x3535fffa is a different physical address than the 0x3535fffa you used as a reference.

execl is copying the aaaaa's to a new buffer inside ./test memory, as you saw.
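The behaviour discussed above can be checked without gdb. The following is an added example, not code from the original question or answer: it re-executes itself with a heap buffer as argv[1] and reports which mapping holds the string before and after the exec. It assumes Linux with /proc mounted; `region_of` and the re-exec through `/proc/self/exe` are choices made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

enum region { REGION_UNKNOWN = -1, REGION_OTHER, REGION_HEAP, REGION_STACK };

/* Classify an address by the /proc/self/maps entry that contains it. */
enum region region_of(const void *p)
{
    FILE *maps = fopen("/proc/self/maps", "r");
    uintptr_t addr = (uintptr_t)p;
    enum region r = REGION_OTHER;
    unsigned long lo, hi;
    char line[1024];
    if (!maps) return REGION_UNKNOWN;
    while (fgets(line, sizeof line, maps)) {
        if (sscanf(line, "%lx-%lx", &lo, &hi) != 2 || addr < lo || addr >= hi)
            continue;
        r = strstr(line, "[stack]") ? REGION_STACK
          : strstr(line, "[heap]")  ? REGION_HEAP : REGION_OTHER;
        break;
    }
    fclose(maps);
    return r;
}

int main(int argc, char *argv[])
{
    static const char *names[] = { "other", "[heap]", "[stack]" };
    enum region r;
    if (argc == 2) { /* second pass: this is the freshly exec'd image */
        r = region_of(argv[1]);
        printf("after exec:  argv[1]=%p (%s), %zu bytes\n", (void *)argv[1],
               r < 0 ? "unknown" : names[r], strlen(argv[1]));
        return 0;
    }
    char *buffer = malloc(600);
    if (!buffer) return 1;
    memset(buffer, 'a', 599);
    buffer[599] = '\0';
    r = region_of(buffer);
    printf("before exec: buffer=%p (%s)\n", (void *)buffer,
           r < 0 ? "unknown" : names[r]);
    fflush(stdout); /* exec discards unflushed stdio buffers */
    execl("/proc/self/exe", "self", buffer, (char *)NULL);
    perror("execl"); /* reached only if exec failed */
    return 1;
}
```

The two printed addresses differ because the kernel copies each argument string into the new image's initial stack; the pointer value held by the old process never reaches the new one.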

