Unix Programming, March 2004: stack execution
Rocke Robertson 2004-03-24, 10:39 am
I would like to understand how this code works. Why does this code try
to execute off the stack? I won't post to c.l.c because I might get
plonked....
#include <stdio.h>
int main (int argc, char ** argv) {
    /* treat the stack address of argc as a function and call it */
    ((void (*)()) &argc) ();
}
TIA
Måns Rullgård 2004-03-24, 10:39 am
Rocke Robertson <rocker@tiger.pwgsc.gc.ca> writes:
> I would like to understand how this code works. Why does this code try
> to execute off the stack? I wont post to c.l.c cause I might get
> plonked....
>
> #include <stdio.h>
>
> int main (int argc, char ** argv) {
> ((void (*)()) &argc) ();
> }
You are taking the address of argc (&argc). This address will be on
the stack, by virtue of argc being a function argument. Then you cast
this address into a function pointer, and finally perform an indirect
function call through that pointer. What I wonder is why anyone would
ever do anything like that.
BTW, you would probably get plonked from clc since the C standard
doesn't explicitly allow casts between data pointers and function
pointers, or something like that. Would some standards guru please
correct my wording?
--
Måns Rullgård
mru@kth.se
Dragan Cvetkovic 2004-03-24, 10:39 am
mru@kth.se (Måns Rullgård) writes:
> Rocke Robertson <rocker@tiger.pwgsc.gc.ca> writes:
>
[snip]
>
> BTW, you would probably get plonked from clc since the C standard
> doesn't explicitly allow casts between data pointers and function
> pointers, or something like that. Would some standards guru please
> correct my wording?
Are you confusing clc with csc (comp.std.c) maybe?
Bye, Dragan
--
Dragan Cvetkovic,
To be or not to be is true. G. Boole No it isn't. L. E. J. Brouwer
!!! Sender/From address is bogus. Use reply-to one !!!
Rocke Robertson 2004-03-24, 5:23 pm
Dragan Cvetkovic wrote:
> Are you confusing clc with csc (comp.std.c) maybe?
>
No, comp.lang.c. They get pretty "uppity" about certain questions.
Martin Dickopp 2004-03-24, 5:23 pm
mru@kth.se (Måns Rullgård) writes:
> Rocke Robertson <rocker@tiger.pwgsc.gc.ca> writes:
>
>
> You are taking the address of argc (&argc). This address will be on
> the stack, by virtue of argc being a function argument. Then you cast
> this address into a function pointer, and finally perform an indirect
> function call through that pointer. What I wonder is why anyone would
> ever do anything like that.
I can imagine one possible reason: To test if some buffer overflow
protection scheme which makes the stack un-executable works.
> BTW, you would probably get plonked from clc
I don't know why the OP believes he would get plonked in clc for this
question. In my experience as a regular reader (and occasional poster)
of clc, people only get plonked there if they troll deliberately, or if
they insist their question is on-topic after having been told otherwise.
> since the C standard doesn't explicitly allow casts between data
> pointers and function pointers, or something like that. Would some
> standards guru please correct my wording?
While I'm not a standard guru, I can say that the C standard does not
define a conversion from pointer-to-object types to pointers-to-function
types. This makes the cast undefined behavior.
Martin
--
,--. Martin Dickopp, Dresden, Germany ,= ,-_-. =.
/ ,- ) http://www.zero-based.org/ ((_/)o o(\_))
\ `-' `-'(. .)`-'
`-. Debian, a variant of the GNU operating system. \_/
Måns Rullgård 2004-03-24, 5:23 pm
Martin Dickopp <expires-2004-04-30@zero-based.org> writes:
> mru@kth.se (Måns Rullgård) writes:
>
>
> I can imagine one possible reason: To test if some buffer overflow
> protection scheme which makes the stack un-executable works.
That particular code will crash rather badly with or without stack
protection. To test such a thing I would place some valid code on the
stack, such as a single 'ret' instruction or so.
--
Måns Rullgård
mru@kth.se
Nils O. Selåsdal 2004-03-25, 3:35 am
In article <40618C55.93D44694@tiger.pwgsc.gc.ca>, Rocke Robertson wrote:
> I would like to understand how this code works. Why does this code try
> to execute off the stack? I wont post to c.l.c cause I might get
> plonked....
>
> #include <stdio.h>
>
> int main (int argc, char ** argv) {
> ((void (*)()) &argc) ();
> }
It casts the address of argc to a (function) pointer and calls
that "function". Thus, the program will jump to the address
of argc as if it were a function, and start executing instructions
from there.
--
Vennlig hilsen/Best Regards
Nils Olav Selåsdal
System Engineer
w w w . u t e l s y s t e m s . c o m
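The probe Måns suggests in his 2004-03-24, 5:23 pm post (put a single 'ret' on the stack and call it, rather than jumping into whatever bytes argc happens to hold), and the jump-into-the-stack mechanism Nils describes above, written out as an added example that is not from the thread. It assumes POSIX fork/waitpid, an x86 or aarch64 host, and gcc or clang (for __builtin___clear_cache). The attempt runs in a child process so that a non-executable stack shows up as a dead child rather than a dead test program; the cast from an object pointer to a function pointer is the same one the thread discusses and is not defined by ISO C, so it is routed through uintptr_t, which mainstream compilers accept.

```c
/* Added example, not code from the thread: a fork-isolated probe that places
 * a `ret` instruction in a stack buffer and calls it. Assumes POSIX
 * fork/waitpid, x86 or aarch64, and gcc/clang. */
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Machine code for a bare `ret` on the host architecture; returns the stub
 * length, or 0 if the buffer is too small. */
size_t ret_stub(unsigned char *out, size_t cap)
{
#if defined(__x86_64__) || defined(__i386__)
    static const unsigned char stub[] = { 0xC3 };                   /* ret */
#elif defined(__aarch64__)
    static const unsigned char stub[] = { 0xC0, 0x03, 0x5F, 0xD6 }; /* ret (x30) */
#else
#  error "no ret stub for this architecture"
#endif
    if (cap < sizeof stub) return 0;
    memcpy(out, stub, sizeof stub);
    return sizeof stub;
}

/* Map a waitpid() status to the probe result: 1 = the stub executed and
 * returned, 0 = the child was killed by a signal (SIGSEGV/SIGBUS is what a
 * non-executable stack produces), -1 = anything else. */
int classify_status(int status)
{
    if (WIFEXITED(status) && WEXITSTATUS(status) == 0) return 1;
    if (WIFSIGNALED(status)) return 0;
    return -1;
}

/* Run the stack-execution attempt in a child so the parent survives either
 * outcome. Returns classify_status() of the child, or -1 on fork/wait error. */
int probe_stack_exec(void)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        unsigned char code[16];                /* lives on the child's stack */
        size_t n = ret_stub(code, sizeof code);
        if (n == 0) _exit(2);
        /* Data and instruction caches are not coherent on aarch64. */
        __builtin___clear_cache((char *)code, (char *)code + n);
        /* Same mechanism as `((void (*)()) &argc)()` in the original post:
         * a stack address called as a function. ISO C defines no conversion
         * from object pointer to function pointer, so go via uintptr_t. */
        void (*fn)(void) = (void (*)(void))(uintptr_t)code;
        fn();                                  /* dies here if the stack is NX */
        _exit(0);                              /* stub returned: stack executable */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid) return -1;
    return classify_status(status);
}

int main(void)
{
    int r = probe_stack_exec();
    puts(r == 1 ? "stack is executable" :
         r == 0 ? "stack is not executable (child killed by signal)" :
                  "probe failed");
    return r < 0;
}
```

On a current Linux or macOS toolchain the default build has a non-executable stack and the child is killed, so the parent prints "stack is not executable"; linking with an executable-stack marking (for example `-z execstack` on GNU ld) flips the result, which is the check the thread was after.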
Rocke Robertson 2004-03-25, 8:43 am
Thanks all, I now understand it. I take back my clc statement.
Happy thursday.