缓冲区溢出 [英] buffer overflow
问题描述
您好,
无法实现此代码片段中发生的事情:
int main(int argc, char * argv [])
{
char buf [256];
strcpy(buf,argv [1]);
...
}
调试器将argv [1]显示为NULL,结果我得到''segmentation fault''on
''strcpy''来电。我无法弄清楚为什么在这种情况下NULL不合适,
标准并没有禁止它在字符串函数中(至少我没有找到
它)。
最诚挚的问候,罗马马沙克。电子邮件: mr*@tusur.ru
Hello,
can''t realize what''s happening in this code snippet:
int main(int argc, char *argv[])
{
char buf[256];
strcpy(buf, argv[1]);
...
}
Debugger shows argv[1] as NULL and as a result I get ''segmentation fault'' on
''strcpy'' call. I can''t figure out why NULL is not a proper in this case,
standard doesn''t prohibit it in string functions (at least I have not found
it).
With best regards, Roman Mashak. E-mail: mr*@tusur.ru
推荐答案
Roman Mashak写道:
Roman Mashak wrote:
无法实现此代码片段中发生的事情:
int main( int argc,char * argv [])
{
char buf [256];
strcpy(buf,argv [1]);
...
}
调试器将argv [1]显示为NULL,结果我得到''分段错误''
''strcpy''来电。我无法弄清楚为什么在这种情况下NULL不合适,
标准并没有禁止它在字符串函数中(至少我没有找到
它)。
can''t realize what''s happening in this code snippet:
int main(int argc, char *argv[])
{
char buf[256];
strcpy(buf, argv[1]);
...
}
Debugger shows argv[1] as NULL and as a result I get ''segmentation fault'' on
''strcpy'' call. I can''t figure out why NULL is not a proper in this case,
standard doesn''t prohibit it in string functions (at least I have not found
it).
我想你会发现除非另有说明,否则
库函数的指针参数会引发未定义的
行为如果为null。
这是7.1.4,/在n1124.pdf草案中使用库函数/。
-
Chris" .enable proofreading" Dollin
网络的路径越来越宽 - 10月项目
I think you''ll find that it says unless otherwise specified,
pointer arguments to library functions provoke undefined
behaviour if null.
It''s 7.1.4, /Use of library functions/, in the n1124.pdf draft.
--
Chris ".enable proofreading" Dollin
"The path to the web becomes deeper and wider" - October Project
在文章< ei *********** @ relay.tomsk.ru> ;,罗马Mashak< mr*@tusur.ruwrote:
In article <ei***********@relay.tomsk.ru>, Roman Mashak <mr*@tusur.ruwrote:
>调试器将argv [1]显示为NULL,因此我在
上得到分段错误 ''strcpy''打电话。我无法弄清楚为什么在这种情况下NULL不合适,
标准并没有禁止它在字符串函数中(至少我没有找到它)。
>Debugger shows argv[1] as NULL and as a result I get ''segmentation fault'' on
''strcpy'' call. I can''t figure out why NULL is not a proper in this case,
standard doesn''t prohibit it in string functions (at least I have not found
it).
标准要求参数为字符串,而NULL不是
字符串。
- Richard
-
在一些字母表中需要考虑多达32个字符
" ; - X3.4,1963。
The standard requires the argument to be a string, and NULL is not a
string.
-- Richard
--
"Consideration shall be given to the need for as many as 32 characters
in some alphabets" - X3.4, 1963.
Roman Mashak写道:
Roman Mashak wrote:
>
无法实现这段代码中发生的事情:
int main(int argc,char * argv [])
{
char buf [256];
strcpy(buf,argv [1]);
...
}
调试器将argv [1]显示为NULL,结果我在''strcpy''调用中得到''细分
fault''。我无法弄清楚为什么NULL不合适
在这种情况下,标准并没有禁止它在字符串函数中(在
至少我还没有找到它)。
>
can''t realize what''s happening in this code snippet:
int main(int argc, char *argv[])
{
char buf[256];
strcpy(buf, argv[1]);
...
}
Debugger shows argv[1] as NULL and as a result I get ''segmentation
fault'' on ''strcpy'' call. I can''t figure out why NULL is not a proper
in this case, standard doesn''t prohibit it in string functions (at
least I have not found it).
但是标准确实要求将正确的字符串复制到
buf中。字符串是一个字节序列,可能是空的,后跟
a''\ 0''字节。一个NULL指针并没有指向任何东西,所以
没有位置''\ 0''。所以你需要一个声明如下:
if(argv [1])strcpy(buf,argv [1]);
else buf [0] =''\''';
当然argv [1]可能根本不存在,所以你也要警惕:
如果(argc 1)...
-
Chuck F(cinefalconer at maineline dot net)
可用于咨询/临时嵌入式和系统。
< http://cbfalconer.home.att.net>
However the standard does require a proper string to copy into
buf. A string is a sequence of bytes, possibly empty, followed by
a ''\0'' byte. A NULL pointer doesn''t point to anything, so there is
no place for that ''\0''. So you need a statement such as:
if (argv[1]) strcpy(buf, argv[1]);
else buf[0] = ''\0'';
Of course argv[1] may not even exist, so you should also guard by:
if (argc 1) ...
--
Chuck F (cbfalconer at maineline dot net)
Available for consulting/temporary embedded and systems.
<http://cbfalconer.home.att.net>
这篇关于缓冲区溢出的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!