C - why would someone copy the argv string to a buffer?

Question

C - why would someone copy the argv string to a buffer?

Today I learn about buffer overflows, and I came across many examples of vulnerable programs. I am wondering if there are any reasons for working with such program arguments:

int main(int argc, char *argv[])
{
    char argument_buffer[100];
    strcpy(argument_buffer, argv[1]);

    if(strcmp(argument_buffer, "testArg") == 0)
    {
        printf("Hello!\n");
    }
    // ...
}

Instead simply:

int main(int argc, char *argv[])
{
    if(strcmp(argv[1], "testArg") == 0)
    {
        printf("Hello!\n");
    }
}

Please note that I know about the flaws strcpy, etc. is just an example. My question is , is there a true reason to use temporary buffers to store arguments from argv ? I suppose they aren't, but I'm curious why it is present in overflow examples, but in reality it is never used? Maybe because of a pure theory.

+5

c argv buffer-overflow

Miroslav mares Apr 20 '12 at 15:25

source share

4 answers

: , *.foo *.bar; , .foo, .bar rename().

+1

Niall C. 20 . '12 15:42

:

void OpenLogFile (const char *fileName) {
  char pathName[256];
  sprintf(pathName, "/var/log/%s", fileName);
  logFd = open(pathName, ...);
  ...
}

int main (int argc, char **argv) {
  ...
  OpenLogFile(argv[i]);
  ...
}

, , 255-9 , sprintf pathName .

+1

Robᵩ 20 . '12 15:53

, , - argv.

, , , argv , . , argv, , argv, , , .

, , argv, , , argv, , .

:

If you are worried about passing the pointer, copy the contents of argv to a fixed size buffer.

0

octopusgrabbus Apr 20 '12 at 15:36

source share

wildplasser · Accepted Answer · 2012-04-20T15:55:03+0000

IIRC argv , , . C89/C90/ANSI-C . envp []. , (, MS-DOS). ( ) / CRT .

C - why would someone copy the argv string to a buffer?

:

More articles: