Stack Break Detected

I created a program that prints "Hello, world!" as many times as the user asks for when prompted for input.

    #include <stdio.h>
    #include <string.h>

    int main() {
        char message[10];                   /* room for only 10 bytes */
        int count, i;
        strcpy(message, "Hello, world!");   /* 13 characters plus the '\0' terminator */
        printf("Repeat how many times? ");
        scanf("%d", &count);
        for (i = 0; i < count; i++)
            printf("%3d - %s\n", i, message);
    }

Regardless of the number entered, it always ends with "stack smashing detected". Here is the program; can anyone explain why this happens? Here is the trace that appears after the stack smashing is detected:

    sean@blue:~/programming$ ./a.out
    Repeat how many times? 12
      0 - Hello, world!
      1 - Hello, world!
      2 - Hello, world!
      3 - Hello, world!
      4 - Hello, world!
      5 - Hello, world!
      6 - Hello, world!
      7 - Hello, world!
      8 - Hello, world!
      9 - Hello, world!
     10 - Hello, world!
     11 - Hello, world!
    *** stack smashing detected ***: ./a.out terminated
    ======= Backtrace: =========
    /lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0x1f8c75]
    /lib/i386-linux-gnu/libc.so.6(+0xe8c27)[0x1f8c27]
    ./a.out[0x8048524]
    /lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0x129113]
    ./a.out[0x80483f1]
    ======= Memory map: ========
    00110000-00288000 r-xp 00000000 08:01 1577912 /lib/i386-linux-gnu/libc-2.13.so
    00288000-0028a000 r--p 00178000 08:01 1577912 /lib/i386-linux-gnu/libc-2.13.so
    0028a000-0028b000 rw-p 0017a000 08:01 1577912 /lib/i386-linux-gnu/libc-2.13.so
    0028b000-0028e000 rw-p 00000000 00:00 0
    0036b000-0036c000 r-xp 00000000 00:00 0 [vdso]
    00454000-00470000 r-xp 00000000 08:01 1573818 /lib/i386-linux-gnu/libgcc_s.so.1
    00470000-00471000 r--p 0001b000 08:01 1573818 /lib/i386-linux-gnu/libgcc_s.so.1
    00471000-00472000 rw-p 0001c000 08:01 1573818 /lib/i386-linux-gnu/libgcc_s.so.1
    00e7e000-00e9c000 r-xp 00000000 08:01 1573924 /lib/i386-linux-gnu/ld-2.13.so
    00e9c000-00e9d000 r--p 0001d000 08:01 1573924 /lib/i386-linux-gnu/ld-2.13.so
    00e9d000-00e9e000 rw-p 0001e000 08:01 1573924 /lib/i386-linux-gnu/ld-2.13.so
    08048000-08049000 r-xp 00000000 00:14 3801591 /home/sean/programming/a.out
    08049000-0804a000 r--p 00000000 00:14 3801591 /home/sean/programming/a.out
    0804a000-0804b000 rw-p 00001000 00:14 3801591 /home/sean/programming/a.out
    08a9e000-08abf000 rw-p 00000000 00:00 0 [heap]
    b77e8000-b77e9000 rw-p 00000000 00:00 0
    b77fc000-b7800000 rw-p 00000000 00:00 0
    bff87000-bffa8000 rw-p 00000000 00:00 0 [stack]
    Aborted
+4
6 answers

Because "Hello, world!" is more than 10 characters ...

+34

message can only hold 10 bytes. You are copying the string "Hello World!", which is 13 bytes (if you count the null character), so you end up overwriting and corrupting the stack cookie.

A cookie is a random value inserted by the compiler to make sure you crash if the return address on the stack is changed, preventing potential buffer overflow exploits.

If you are compiling with gcc, to experiment, try adding the -fno-stack-protector switch to your compile command and try again. The program will likely still crash (but not with that error message) and will be vulnerable to buffer overflow exploits.

+11

Your message array is 10 characters long (indices 0-9), but if you count "Hello, World!" (without the quotes), it is 13 characters. So you are overwriting memory that is not part of your array.

For reference, strcpy(), strcat() and most other C string functions do not check the length of the array; they assume that you gave them enough space to work with.

So you need to give your message array more space. But how much more? Enough to fit "Hello world!" PLUS one more for the null terminator character '\0', which marks the end of a string. So you need to declare an array of 14 characters.

For a more detailed explanation of working with strings and the null character, I suggest this page. Although it is a C++ page, it covers material that is common to C and C++ (since C++ is based on C).

Also, as Pearsonartphoto said, you can simply declare your array as

    char message[] = "Hello, World!";

However, if this is for school or a university assignment, make sure you are taught how to do it this way, because sometimes marks are deducted for "shortcuts." The idea behind these kinds of questions is to teach fundamentals, and HOW AND WHY some things work; they may not be the easiest or most effective way to do things (the kind of bug you hit here still causes problems in major systems today, because programmers forget to check sizes, etc.).

+3
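To make the sizing rule from the answers above concrete, here is an added example in C (not code from the question or any of the answers): a checked copy that refuses when the string plus its '\0' terminator would not fit, tried against the 10-byte buffer from the question and against a buffer sized from the literal itself. The helper names copy_checked and bytes_needed are my own.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Number of bytes a buffer must have to hold s: strlen(s) plus one for '\0'. */
static size_t bytes_needed(const char *s)
{
    return strlen(s) + 1;
}

/* Copy src into dst only if the whole string, including its terminator,
 * fits in the dstsz bytes the caller owns. Returns true on success.
 * On failure dst is left as an empty string and nothing is ever written
 * past dst[dstsz - 1], so the stack cookie behind the array stays intact. */
static bool copy_checked(char *dst, size_t dstsz, const char *src)
{
    if (dstsz == 0)
        return false;                       /* no room even for the '\0' */
    size_t needed = bytes_needed(src);
    if (needed > dstsz) {
        dst[0] = '\0';
        return false;                       /* refuse instead of truncating */
    }
    memcpy(dst, src, needed);               /* exact size, terminator included */
    return true;
}

int main(void)
{
    const char *greeting = "Hello, world!";     /* 13 characters, 14 bytes */
    char small[10];                             /* the buffer from the question */
    char sized[sizeof "Hello, world!"];         /* sizeof a literal counts the '\0' */

    printf("\"%s\" needs %zu bytes\n", greeting, bytes_needed(greeting));

    /* strcpy(small, greeting) would write 4 bytes past the array; this refuses. */
    if (!copy_checked(small, sizeof small, greeting))
        printf("refused: %zu-byte buffer is too small\n", sizeof small);

    if (copy_checked(sized, sizeof sized, greeting))
        printf("ok: %s (%zu bytes)\n", sized, sizeof sized);
    return 0;
}
```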

Your message array must be at least one character longer than the string you copy into it (remember that it also has to hold the implicit null terminator '\0').

+2

As already mentioned, "Hello World!" is too long. It would be much easier to do the following

    char message[] = "Hello World!";

which will be the correct size automatically.

0

I had this problem when I defined a structure like this:

    struct data {
        ...variables...
        char text[];
    };

This gives NO WARNING at all, but in my case it caused a stack smashing error. I replaced it with

    char text[100];

-1

Source: https://habr.com/ru/post/1401499/
