I'm studying for an exam and looking through things, and I was hoping that someone could clarify something for me. (Assume this is on a 32-bit system, so that all addresses are 4 bytes. I'm also studying it using C functions, so any code referenced is C.)
Let's say that our code wants to read buf[4] from standard input, and therefore it creates a buffer of four bytes. If we use the gets() version, which does not check bounds, and enter the string "12345", we will corrupt the saved %ebp on the stack. However, this will not change the return address. Does this mean that the program will continue to execute the correct code, since the return address is correct, and it will still return to the calling function? Or does the corrupted %ebp mean problems further down the line?
I understand that if we enter something longer, for example "123456789", it will also damage the return address, which will make the program inoperative.
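A model of the layout the question describes, as an added example that is not part of the original post: it reports which saved slots a gets()-style write changes for each input, next to an fgets()-style bounded write. It assumes buf[4] sits directly below the saved %ebp with no padding or stack canary; the saved values are constructed, and `struct frame`, `copy_like_gets` and `copy_like_fgets` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the frame in the question (assumption: 32-bit, buf[4] sits
   directly below saved %ebp, no padding and no stack canary). */
struct frame {
    char     buf[4];
    uint32_t saved_ebp;
    uint32_t ret_addr;
};
/* Constructed sample values, not taken from a real process. */
static const struct frame FRESH = { {0}, 0xbffff6c8u, 0x080484d1u };
enum { EBP_CHANGED = 1, RET_CHANGED = 2 };

static int changed(const struct frame *f)
{
    return (f->saved_ebp != FRESH.saved_ebp ? EBP_CHANGED : 0) |
           (f->ret_addr  != FRESH.ret_addr  ? RET_CHANGED : 0);
}

/* Writes what gets() would write: every input byte plus the '\0',
   ignoring sizeof buf. Clamped to the model so this program stays safe. */
static int copy_like_gets(const char *input)
{
    struct frame f = FRESH;
    size_t n = strlen(input) + 1;
    if (n > sizeof f) n = sizeof f;
    memcpy(&f, input, n);
    return changed(&f);
}

/* Writes what fgets(buf, sizeof buf, stdin) would write: at most
   sizeof buf - 1 input bytes plus the '\0'. */
static int copy_like_fgets(const char *input)
{
    struct frame f = FRESH;
    snprintf(f.buf, sizeof f.buf, "%s", input);
    return changed(&f);
}

int main(void)
{
    const char *in[] = { "123", "1234", "12345", "123456789" };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++)
        printf("%-10s gets-style=%d fgets-style=%d\n", in[i],
               copy_like_gets(in[i]), copy_like_fgets(in[i]));
    return 0;
}
```

In this model even "1234" alters the saved %ebp slot, because the terminating '\0' that gets() appends is the fifth byte written.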