I have this code below:
#include <stdio.h>
#include <string.h>

char buffer[10];            /* global: lives in .bss, not on the stack */

int main(int argc, char *argv[]) {
    strcpy(buffer, argv[1]); /* unbounded copy: overflows buffer if argv[1] is longer than 9 chars */
    printf("value of buffer %s\n", buffer);
    return 0;
}
I know that by placing the buffer variable inside the main function I could overflow the stack; however, by declaring it as a global variable, no matter how many ASCII characters I enter from the command line, nothing happens. I was expecting a segmentation fault, but it seems that it prints all the characters I enter. How come?
I have another question related to the topic: if a program has a buffer overflow vulnerability, e.g. a stack overflow, could I enter code as large as I wanted into the vulnerable variable, or would the OS throw a segmentation fault exception if the code surpasses the boundaries of the memory allocated for the user program?
You are overflowing your global variable, it’s just that nothing (obviously) bad happens because of it. Try changing your code to look like:
Depending on how your tool-chain lays out memory, you should be able to see the consequences of overflowing 'buffer' in either 'before' or 'after'.
The specific reason you don't get a SEGV is that those only happen when a location you try to store to is outside the region the operating system has allocated to your process. This allocation is done in 4k units (typically), and usually several of those, so you'll probably have to overflow 'global' by at least 4kB, and probably 1MB or more, to trigger a SEGV.
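The following is an added example (not code from the question or the answer) that makes the answer's point observable on any tool-chain: it packs 'before', 'buffer' and 'after' into one struct so their adjacency is guaranteed rather than left to the linker, reproduces the unbounded copy, and shows the bounds-checked copy that a fixed program should use instead. The struct, the sentinel strings and the 20-character input are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The three globals of the answer, packed into one struct so their layout is
 * guaranteed regardless of how the tool-chain orders separate globals. The
 * trailing guard byte keeps a NUL after 'after' for printing. */
struct globals {
    char before[8];
    char buffer[10];
    char after[8];
    char guard;
};

static struct globals g;

/* Reset the neighbours to known sentinel values. */
static void reset_globals(void) {
    memset(&g, 0, sizeof g);
    memcpy(g.before, "BEFORE!", 8);   /* 7 chars + NUL fits in 8 */
    memcpy(g.after,  "AFTER!!", 8);
}

/* Emulates strcpy(buffer, argv[1]) with no bounds check. The bytes are written
 * through a char pointer into the enclosing struct, so the copy stays inside
 * one object (well-defined) while still landing past buffer[9] exactly as the
 * unchecked strcpy in the question does. Returns how many bytes spilled past
 * the end of buffer; 0 means the input fitted. */
static size_t unchecked_copy(const char *src) {
    reset_globals();
    size_t n = strlen(src) + 1;                 /* include the NUL, as strcpy does */
    size_t room = offsetof(struct globals, guard) - offsetof(struct globals, buffer);
    if (n > room) n = room;                     /* never leave the struct: beyond it is real UB */
    memcpy((char *)&g + offsetof(struct globals, buffer), src, n);
    return n > sizeof g.buffer ? n - sizeof g.buffer : 0;
}

/* Hardened version: refuse input that does not fit, so the neighbours stay intact.
 * Returns 0 on success, -1 if the input was rejected. */
static int checked_copy(const char *src) {
    reset_globals();
    size_t n = strlen(src);
    if (n >= sizeof g.buffer) return -1;        /* no room for the string plus its NUL */
    memcpy(g.buffer, src, n + 1);
    return 0;
}

/* Did the last copy clobber the global that follows buffer? (1 = yes) */
static int after_was_clobbered(void) {
    return memcmp(g.after, "AFTER!!", 8) != 0;
}

int main(int argc, char *argv[]) {
    /* Constructed default input: 20 'A's, twice the size of buffer. */
    const char *input = argc > 1 ? argv[1] : "AAAAAAAAAAAAAAAAAAAA";

    size_t spill = unchecked_copy(input);
    printf("unchecked: %zu bytes spilled past buffer; after = \"%s\" (clobbered: %s)\n",
           spill, g.after, after_was_clobbered() ? "yes" : "no");

    if (checked_copy(input) == 0)
        printf("checked: copied \"%s\"\n", g.buffer);
    else
        printf("checked: input of %zu chars rejected (buffer holds at most %zu)\n",
               strlen(input), sizeof g.buffer - 1);
    return 0;
}
```

Run with no argument to see the 20-byte input overwrite 'after' without any fault, which is the answer's point: the write stays well inside the process's mapped data pages, so the hardware never objects, and only a length check in the program itself prevents the corruption.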