I’m toying with buffer overflows, but I’m confused by what I’m finding when running the following simple C program on Mac OS.
#include <stdio.h>
int main(void) {
    char buf[2];          /* room for one character plus the terminating NUL */
    scanf("%s", buf);     /* no width limit: anything longer than 1 char overflows buf */
    printf("%s\n", buf);
}
By setting the length of buf to 2 bytes, I expected to cause a segmentation fault when entering the string “CCC”, but that doesn’t happen. Only when entering a string 24 characters in length do I incur a segmentation fault.
What’s going on? Is it something to do with character encoding?
Thanks.
The behavior of your program is undefined as soon as you overflow the buffer. Anything can happen. You can’t predict it.
There might or might not be some padding bytes after your buffer that happen to be unimportant to your code execution. You can’t rely on that. A different compiler, compiling in 32-bit vs. 64-bit, debug settings… all that could alter your code execution after that overflow.
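To make the answer's point concrete, here is an added example (it is not part of the original question or answer). It measures the slack between a 2-byte buffer and the saved frame pointer on the running compiler, which is the gap a short overflow like "CCC" lands in, and then shows two bounded replacements for the unbounded scanf("%s"): a width-limited scanf whose format is built from the buffer size, and an fgets-based read that reports truncation instead of hiding it. The function names, the noinline attribute and __builtin_frame_address (GCC/Clang extensions), the use of fmemopen to stand in for stdin, and the inputs are all assumptions made for this illustration.

```c
#define _POSIX_C_SOURCE 200809L   /* for fmemopen() */
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* 1. How much slack sits between buf and the saved frame pointer?
 *    That gap (alignment padding, other locals, a stack canary if the
 *    compiler inserted one) is what a short overflow like "CCC" lands in
 *    without visible effect. Its size depends on compiler, flags and ABI;
 *    the value printed is informational, never something to rely on.
 *    noinline and __builtin_frame_address are GCC/Clang extensions. */
__attribute__((noinline)) long frame_distance(void) {
    char buf[2];
    volatile char *p = buf;                /* keep buf on the stack */
    p[0] = 'C';
    p[1] = '\0';
    uintptr_t frame = (uintptr_t)__builtin_frame_address(0);
    return (long)(frame - (uintptr_t)buf);
}

/* 2. Hardened scanf: a field width of dstsize-1 leaves room for the NUL.
 *    scanf has no way to pass the width as an argument, so the format
 *    string is built at run time (a 2-byte buffer yields "%1s").
 *    Returns bytes stored, or -1 if nothing was read. */
int bounded_read(const char *input, char *dst, size_t dstsize) {
    char fmt[32];
    if (dstsize < 2)
        return -1;
    snprintf(fmt, sizeof fmt, "%%%zus", dstsize - 1);
    if (sscanf(input, fmt, dst) != 1)
        return -1;
    return (int)strlen(dst);
}

/* 3. fgets() alternative that reports truncation instead of hiding it.
 *    fmemopen() (POSIX) wraps the constructed input so the example runs
 *    offline; with real input you would pass stdin instead of f. */
int read_line(const char *input, char *dst, size_t dstsize, int *truncated) {
    FILE *f = fmemopen((void *)input, strlen(input), "r");
    if (f == NULL)
        return -1;
    if (fgets(dst, (int)dstsize, f) == NULL) {
        fclose(f);
        return -1;
    }
    size_t n = strcspn(dst, "\n");         /* index of newline or NUL */
    if (dst[n] == '\n') {
        *truncated = 0;                    /* whole line fit */
    } else {
        int c = fgetc(f);                  /* was part of the line left behind? */
        *truncated = (c != EOF && c != '\n');
    }
    dst[n] = '\0';
    fclose(f);
    return (int)n;
}

int main(void) {
    char small[2];                         /* same 2-byte buffer as in the question */
    int truncated = 0;
    printf("slack between buf and saved frame pointer: %ld bytes\n", frame_distance());
    int n = bounded_read("CCC", small, sizeof small);
    printf("bounded_read(\"CCC\") -> \"%s\" (%d byte stored)\n", small, n);
    n = read_line("CCC", small, sizeof small, &truncated);
    printf("read_line(\"CCC\")    -> \"%s\" (%d byte, truncated=%d)\n", small, n, truncated);
    return 0;
}
```

Note that the width-limited scanf leaves the unread "CC" in the input stream, so a later read would pick it up; the fgets variant lets the caller decide what to do with an over-long line instead of quietly dropping or overflowing it.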