From: David Liebtag on 19 Feb 2010 16:25

We have a routine with a local buffer that calls strcpy which overruns the end of the buffer. We know this is a problem we have to fix, but before we do, we'd like to understand something. We have previously called signal() to set up a handler for SIGSEGV, but our handler is not getting called.

Can anyone explain why? Does strcpy set up its own handler?

Thanks a lot.

David Liebtag

From: Victor Bazarov on 19 Feb 2010 16:34

David Liebtag wrote:
> We have a routine with a local buffer that calls strcpy which overruns the
> end of the buffer. We know this is a problem we have to fix, but before we
> do, we'd like to understand something. We have previously called signal()
> to set up a handler for SIGSEGV, but our handler is not getting called.
>
> Can anyone explain why?

Unless the access is in the memory _not allocated to the process_, it's not an access violation. Imagine that the bytes after your buffer do belong to your process but simply are assigned to other objects (this is very common when your buffer is allocated on the stack, for example). You don't violate the access privileges, you simply stomp all over your other objects, thus destroying whatever data they contain.

> Does strcpy set up its own handler?

I don't think so.

V
--
Please remove capital 'A's when replying by e-mail
I do not respond to top-posted replies, please don't ask

From: Igor Tandetnik on 19 Feb 2010 16:40

David Liebtag <liebtag(a)us.ibm.com> wrote:
> We have a routine with a local buffer that calls strcpy which
> overruns the end of the buffer. We know this is a problem we have to
> fix, but before we do, we'd like to understand something. We have
> previously called signal() to set up a handler for SIGSEGV, but our
> handler is not getting called.
>
> Can anyone explain why?

Do you actually get an access violation? Just overrunning the buffer doesn't necessarily mean you access an invalid address: most of the time, you are just happily overwriting some perfectly valid memory with garbage. Naturally, the CPU can't detect that.

--
With best wishes,
Igor Tandetnik

With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead. -- RFC 1925

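Added example, not part of the original thread or any poster's code: a defined-behaviour model of the point made in the two replies above, where an overrun lands in a neighbouring object the process owns, so no SIGSEGV is raised, next to a bounded copy that rejects the input. The struct, the function names and the "CANARY!" value are hypothetical and constructed for the illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a stack frame: a buffer and the object right after it. */
struct frame { char buf[8]; char neighbor[8]; };

static volatile sig_atomic_t segv_seen = 0;
static void on_segv(int sig) { (void)sig; segv_seen = 1; }

static void frame_init(struct frame *f)
{
    memset(f->buf, 0, sizeof f->buf);
    memcpy(f->neighbor, "CANARY!", sizeof f->neighbor); /* 7 chars + NUL */
}

static int neighbor_intact(const struct frame *f)
{
    return memcmp(f->neighbor, "CANARY!", sizeof f->neighbor) == 0;
}

/* Copies like strcpy aimed at f->buf, but through a byte view of the whole frame
   and capped at its size, so it is well defined. Returns bytes written past buf. */
static size_t unchecked_copy(struct frame *f, const char *src)
{
    size_t n = strlen(src) + 1;          /* strcpy copies the NUL too */
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, src, n);
    return n > sizeof f->buf ? n - sizeof f->buf : 0;
}

/* Bounded variant: rejects input that does not fit and writes nothing. */
static int checked_copy(struct frame *f, const char *src)
{
    size_t n = strlen(src) + 1;
    if (n > sizeof f->buf) return -1;
    memcpy(f->buf, src, n);
    return 0;
}

int main(void)
{
    struct frame f;
    signal(SIGSEGV, on_segv);
    frame_init(&f);
    size_t spilled = unchecked_copy(&f, "AAAAAAAAAAAA");
    printf("spilled=%zu intact=%d segv=%d\n", spilled, neighbor_intact(&f), (int)segv_seen);
    frame_init(&f);
    int rc = checked_copy(&f, "AAAAAAAAAAAA");
    printf("bounded rc=%d intact=%d\n", rc, neighbor_intact(&f));
    return 0;
}
```
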
From: David Liebtag on 20 Feb 2010 09:13

Fellows,

I understand that it's only an access violation if we touch memory to which our process is not authorized. And yes, if the caller passes a long enough string, we get an access violation.

David Liebtag