El 11/04/2010 9:06, patrick keshishian escribis:
quoted text
> On Sat, Apr 10, 2010 at 11:37 PM, Jesus Sanchez<zexel08@gmail.com>  wrote:
>    
>>      
>>> i don't think so. Use gdb and see where you are writing to.
>>>
>>> Based on your description of your a.c and b.c, I assume in a.c you
>>> have "char foo;" (global), and in b.c you by mistake have "extern int
>>> foo;".
>>>
>>> If your foo variable is at address, say 0x11111111, and you write two
>>> bytes to that address, where foo is in fact a char (single byte), the
>>> other byte will be written to address 0x11111112.
>>>
>>> You can test this with a simple example program, where you can declare
>>> other char variables around your foo variable and print all of them
>>> after the foo assignment and see which ones got clobbered.
>>>
>>> Then again, maybe I'm misunderstanding your initial problem, you
>>> didn't show your code.
>>>
>>> --patrick
>>>
>>>
>>> Breakpoint 1, main (argc=1, argv=0xfffc8c8c) at a.c:30
>>> 30              bar();
>>> (gdb) p&f
>>>  = (int *) 0x1842116
>>> (gdb) x/4b 0x1842116
>>> 0x1842116<f>:  0x00    0x00    0x00    0x00
>>> bar () at b.c:14
>>> 14              f = 0x44332211;
>>> (gdb) n
>>> 16      }
>>> (gdb) x/4b 0x1842116
>>> 0x1842116<f>:  0x44    0x33    0x22    0x11
>>> (gdb) p&g
>>>  = 0x1842117 "3\"1"
>>> (gdb) p&k
>>>  = 0x1842119 "1"
>>> (gdb) p&l
>>>  = 0x1842118 "\"1"
>>> (gdb) p/x f
>>>  = 0x44332211
>>> (gdb) p/x g
>>>  = 0x33
>>> (gdb) p/x l
>>>  = 0x22
>>> (gdb) p/x k
>>>  = 0x11
>>>
>>> Looks like the "extern int foo;" confused gdb.
>>>
>>>
>>>        
>> I'm not using extern for the variables,
>>      
> I assumed you were.
>
> Looking at the code you provided, my initial guess would have been
> that foo in b.c and the one declared in a.c would have caused the
> linker to complain, but I am wrong.
>
> So, in fact, it looks like the section you found and quoted is the answer.
>
>    

Declarations and definitions are very tricky for sure, i mean if you 
define the foo vars
instead of just declaring them, for example doing a initialization for 
all foo vars  on a.c:

char foo=5;
char foo1=5;
char foo2=5;
char foo3=5;

then the thing changes drastically because now they have 0xXXX0, 0xXXX1,
0xXXX2, 0xXXX3 addresses, so on overfoo() function you're doing one
perfect example of buffer overflow, even you can try assigning 0x44332211 to
foo on 'b.c' and print them later, it will show something like

foo value is: 0x11
foo1 value is: 0x22
foo2 value is: 0x33
foo3 value is: 0x44

maybe i didn't explained myself very well, you can try to print the 
addresses
of the foo vars with and without definition.

see ya.
-J

quoted text
> I learned something today :)
> --patrick
>
>
>    
>> anyway
>> here is the code (to a extremely basic level) using your hint about
>> making more char variables around foo to show them later:
>>
>> all compiled with gcc -Wall -W without warning
>>
>> ---------- a.c      ------------------------------------------
>> #include<stdio.h>
>>
>> char foo;
>> char foo1;
>> char foo2;
>> char foo3;
>>
>> void overfoo(); /* the func that will overflow the foo variable */
>>
>> int main(){
>>
>>    overfoo(); /* after calling we have 0x2211 on foo variable */
>>
>>    printf("%x\n",foo);
>>    printf("%x\n",foo1);
>>    printf("%x\n",foo2);
>>    printf("%x\n",foo3);
>>    return 0;
>> }
>>
>> ---------- b.c      ------------------------------------------
>>
>> int foo; /* here the problem begins */
>>
>> void overfoo(){
>>    foo=0x2211;
>> }
>>
>> ---------------------------------------------------------------
>>
>> after compiling and executing , foo showed 0x11 and other 0x0.
>>
>> thanks for your time.
>> -J