C++ / C#
Maxim Ivanov, 2016-05-27 01:13:02

How do I overwrite the return address?

Hello! I was given a task at school: call one function from another, but in a non-obvious way. They gave a hint: overwrite the return address, but it's not entirely clear how this can be implemented.
Here is an example that does it the wrong way:

#include <iostream>
using namespace std;

void bar(){
    cout << "bar" << endl;
}

void foo(){
    bar(); // this is wrong: we called it explicitly ourselves, but it has to be wedged into this function somehow
    cout << "foo" << endl;
}

int main(){
    foo(); // bar() should end up being called, even though foo was called
    return 0;
}

[image: ProgramCallStack2_en.png]
All I found on the Internet was this picture of what memory looks like with these return addresses, but again, how can such a mechanism be implemented? Can you tell me?
That is, it should work like this:
#include <iostream>
using namespace std;

void bar(){
    cout << "bar" << endl;
}

void foo(){
    cout << "foo" << endl;
}

int main(){

    foo(); // bar() should be called here, even though we called foo
           // what can be done to achieve this?

    return 0;
}


2 answers

Mercury13, 2016-05-27
@splincodewd

What is it for? So that you know how hackers break into you. The easiest way to do this is to arrange a buffer overflow.

void foo()
{
  void* a[1];
  a[1] = (void*)&bar; // out-of-bounds write, aimed at the saved return address that sits above a[] on the stack
}

You may have to replace not a[1], but a[2] or a[3].
If you do this, bar will be called, but on exiting it the program will most likely crash. How to make it not crash, I'll leave as homework. The aerobatics is to add a couple of variables to main() and then show via std::cout: here they are, safe and sound (compile without optimization; at maximum optimization they can simply be replaced with constants). But here you already have to know the calling convention and read the disassembler listing: how to return the stack to a suitable state depends on that.
UPD. Pardon my ignorance of C syntax.

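The following is an added worked example, not code from the question or from Mercury13's answer. It does the return-address overwrite the answer describes, but with two changes a practitioner would make so that the result is repeatable: the return slot is located from the GCC/Clang builtin `__builtin_frame_address(0)` instead of guessing whether it is `a[1]`, `a[2]` or `a[3]` (the index that would have hit it is printed for comparison), and the "crash on return from bar" problem is handled by `longjmp` back to a `setjmp` point rather than by repairing the caller's stack by hand, which is the homework the answer leaves open. The names `bar_calls`, `recovery` and `run_demo` are mine. It assumes GCC or Clang on x86-64 or AArch64, where the saved return address is one pointer-sized word above the frame address, and no shadow stack or pointer-authentication enforcement of return addresses; the write itself is undefined behaviour in standard C and is only here to show what the answer is talking about.

```c
/* Added example: return-address overwrite located via __builtin_frame_address,
 * recovery via setjmp/longjmp. Assumptions: GCC or Clang; x86-64 or AArch64
 * frame record layout (saved return address at frame address + 1 word); no
 * shadow stack / PAC. Undefined behaviour by the standard: demonstration only.
 * Build: gcc -O0 -fno-omit-frame-pointer demo.c -o demo   (also works at -O2) */
#include <setjmp.h>
#include <stddef.h>
#include <stdio.h>

static jmp_buf recovery;   /* hypothetical name: where control resumes after bar */
static int bar_calls;      /* hypothetical name: how many times bar was entered */

/* bar is never called explicitly. It must not simply 'return', because the
 * word above the hijacked slot belongs to the caller's frame, not to a valid
 * return address; instead it jumps back to the setjmp point in run_demo. */
__attribute__((noinline)) void bar(void)
{
    bar_calls++;
    puts("bar");
    longjmp(recovery, 1);
}

/* foo overwrites its own saved return address so that its 'ret' lands in bar. */
__attribute__((noinline)) void foo(void)
{
    void *a[1];                                   /* stand-in for the answer's a[] */
    void **frame    = __builtin_frame_address(0); /* GCC/Clang builtin */
    void **ret_slot = frame + 1;                  /* saved return address (layout assumption) */

    /* Which a[i] would have hit the slot: the answer's "maybe a[2] or a[3]". */
    printf("the return slot is a[%td] relative to the local array\n",
           (ptrdiff_t)(ret_slot - a));

    *ret_slot = (void *)bar;                      /* the overwrite itself */
    puts("foo");
}

/* Calls foo once. Returns how many times bar ran (1 if the hijack worked),
 * or -1 if foo returned normally, i.e. the slot assumption did not hold. */
int run_demo(void)
{
    bar_calls = 0;
    if (setjmp(recovery) == 0) {
        foo();
        return -1;
    }
    return bar_calls;
}

int main(void)
{
    printf("bar ran %d time(s) although only foo was called\n", run_demo());
    return 0;
}
```

`longjmp` sidesteps rather than solves the stack problem: after foo's `ret` jumps into bar, the stack pointer is where the caller expects it, but bar's own `ret` would pop a word from the caller's frame. Writing the original return address into that next word (a two-entry return chain) makes bar return into the caller, which is what the answer's "show the variables in main() safe and sound" exercise asks for, but whether the caller then survives depends on whether it addresses its locals relative to the frame pointer or the stack pointer, which is why the answer says you have to read the disassembly for your compiler and calling convention.
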
Pavel K, 2016-05-27
@PavelK

I didn't really understand it either, but make the call through pointers...
