Home/ Questions/Q 7007493
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T21:36:51+00:00

I recently read a text regarding buffer overflows that mentioned that setting breakpoints can

  • 0

I recently read a text regarding buffer overflows that mentioned that setting breakpoints can offset your memory addresses a bit. I think I ran into this issue the other day when attempting to overwrite an EIP: the exploit seemed to work when I didn’t set a breakpoint, but caused a segfault when a breakpoint was set. What happened?

Thanks!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I recently read a text regarding buffer overflows that mentioned that setting breakpoints can offset your memory addresses a bit.

    Either you didn’t understand what that text was saying, or the text is wrong. It’s hard to say which of the two possibilities is true, since you didn’t provide a link to the text, or an actual quote.

    Update:

    http://www.deadc0de.info/2009/11/08/solution-level5-of-smashthestack-io/

    "as I said above, we have our return address completely overwritten on
    the stack with C’s (0x43). However, when you set your breakpoint on
    printf() the address may change."

    That statement is bogus. Setting a breakpoint can not and will not change the stack location where %ebp and the return address are stored.

    Setting a breakpoint does not normally affect memory layout, but may affect page protections: in order to insert a breakpoint, the debugger will usually do ptrace(PTRACE_POKETEXT, ...). That may or may not cause the .text page with the breakpoint writable (depending on the OS).

    What happened?

    You have not provided sufficient data to answer that question.

    • 0