//挖掘linux系统程序里栈溢出的程序
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <signal.h>
int main(int argc, char *argv[])
{
int fd;
int *p;
int i;
int ret;
pid_t pid;
char buf[1024];
char *addr;
int count = 0;
int status;
fd = open("linux.txt", O_RDWR);
if(fd < 0)
{
perror("open");
exit(1);
}
addr = (char *)mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
if(addr == MAP_FAILED)
{
perror("mmap");
exit(1);
}
close(fd);
while(1)
{
count++;
printf("count = %d\n", count);
memset(buf, 0, sizeof(buf));
strcpy(buf, addr);
sprintf(buf, "linux-%d", count);
printf("buf = %s\n", buf);
sleep(1);
if(count == 10)
{
break;
}
if(count == 5)
{
pid = fork();
if(pid < 0)
{
perror("fork");
exit(1);
}
if(pid == 0)
{
while(1)
{
sleep(1);
printf("child\n");
if(count == 10)
{
break;
}
count++;
printf("count = %d\n", count);
memset(buf, 0, sizeof(buf));
strcpy(buf, addr);
sprintf(buf, "linux-%d", count);
printf("buf = %s\n", buf);
sleep(1);
if(count == 10)
{
break;
exit(0);
}
if(count == 5)
{
break;
exit(0);
}
if(count == 6)
{
break;
exit(0);
}
if(count == 7)
{
break;
exit(0);
}
if(count == 8)
{
break;
exit(0);
}
if(count == 9)
{
break;
exit(0);
}
}
exit(0);
}
else
{
while(1)
{
sleep(1);
printf("parent\n");
if(count == 10)
{
break;
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
if(WIFEXITED(status))
{
printf("child exit code = %d\n", WEXITSTATUS(status));
exit(0);
wait(&status);
}
}
}
}
}
}
}
}
}
}
}
}
}
}
© 版权声明
本网站内容及资料来源于网络,并不代表本站观点和对其真实性负责,也不构成任何其他建议;部分内容是由网友自主投稿和发布、编辑整理上传,对此类内容本站仅提供交流平台,不为其版权负责;所提供的信息,只供参考之用,不保证信息的准确性、有效性、及时性和完整性;如果您发现网站上有侵犯您的知识产权的内容,请与我们取得联系,我们会及时修改或删除。文章版权归作者所有,原创作品未经允许请勿转载。投诉请联系:admin@chnhonker.com
THE END
暂无评论内容