Subject: Re: gzip buffer overflow found
To: Jeremy C. Reed <firstname.lastname@example.org>
From: enami tsugutomo <email@example.com>
Date: 01/19/2001 13:20:06
"Jeremy C. Reed" <firstname.lastname@example.org> writes:
> #0 0x482032a6 in strcpy ()
> #1 0x805a6a0 in _hostname ()
> #2 0x804da2c in main (argc=2, argv=0xbfbe556c) at main.c:356
> #3 0x804a2e5 in ___start ()
> But how can I easily find line "356" with all the #ifdef's and macros?
> (Is there some tool for that?)
Since cpp do some trick, you can just do vi +356 main.c.
Try to look at cc -E output or cc -g -S output.
> After testing further, it appears that the bad strcpy is really line 2434
> in commands.c. I wonder why the backtrace says the other one.
If the buffer is allocated on a stack and overrun occurs, usually the
stack is overwritten and thus debugger confuses.