StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POC++ Buffer Overflow
primarykey
Id
8782852
data
AcceptedAnswerId
8783198
AnswerCount
6
ClosedDate
CommentCount
15
CommunityOwnedDate
CreationDate
2012-01-09T00:51:12.900
FavoriteCount
3
LastActivityDate
2016-10-07T15:03:03.867
LastEditDate
2013-05-09T20:26:03.940
LastEditorUserId
1708801
OwnerUserId
1137728
ParentId
0
PostTypeId
1
Score
3
ViewCount
12555
LastEditorDisplayName
text
Body
I'm trying to teach myself about buffer overflows and exploitation in C++. I'm an intermediate C++ guy, at best, so bear with me. I've followed a few tutorials, but here's some example code to illustrate my question: <pre><code>#include <string> #include <iostream> using namespace std; int main() { begin: int authentication = 0; char cUsername[10], cPassword[10]; char cUser[10], cPass[10]; cout << "Username: "; cin >> cUser; cout << "Pass: "; cin >> cPass; strcpy(cUsername, cUser); strcpy(cPassword, cPass); if(strcmp(cUsername, "admin") == 0 && strcmp(cPassword, "adminpass") == 0) { authentication = 1; } if(authentication) { cout << "Access granted\n"; cout << (char)authentication; } else { cout << "Wrong username and password\n"; } system("pause"); goto begin; } </code></pre> I know there's all kinds of bad juju in here with <code>cin << String</code>, etc... Anyhow, when I enter too many letters (a ton of <code>A</code>'s for instance) into <code>cUser</code> and <code>cPass</code>, I just get an Access Violation from Visual Studio. If, however, I type 20ish <code>A</code>'s, then a space, then another <code>A</code> into <code>cUser</code>, it skips asking me for <code>cPass</code> (assuming because it's been filled after the space character caused the previous call to <code>cin</code> to return) and just grants me access. At what point, and why, is data overflowing into "authentication" and why does it only happen when I have the space and not when I have a million <code>A</code>'s... I never get the "Access Violation" when I use a space in the input for <code>cUser</code>.
Tags
<c++><overflow><buffer><exploit>
Title
C++ Buffer Overflow
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USShafik Yaghmour
UserOwnerUserId
1. USsraboy
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POC++ Buffer Overflow
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTDownMod
2. VO
 singulars
 PostPostId
 POC++ Buffer Overflow
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POC++ Buffer Overflow
 UserUserId
 USÉtienne
 VoteTypeVoteTypeId
 VTFavorite
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.