
OK, so there are lots of "stack smashing detected" questions on Stack Overflow; I looked at 6-7 of them but couldn't resolve my problem.

I have a void function in C named encryptor, which takes a char array, and updates that array.

void encryptor(char* m,char* K){
    char T[5] = "1011\0"; // added the last '\0'
    int l = countOnes(K);
    for (int i=0; i<l; i=i+1){
        char TT[33];
        TT[32] = '\0'; // Last character is '\0'
        strcat(TT,T); strcat(TT,T); strcat(TT,T); strcat(TT,T); strcat(TT,T); strcat(TT,T); strcat(TT,T); strcat(TT,T); // 8 times
        string_xor(m,TT,m);
        addOne(T);
    }
    printf("%s\n", m); // <======*** This print is working
    // The output of print is correct encrypted bitstring 
    // of length 32 : 11011101110111011101110111011101
    return;
}

And here is the corresponding int main code:

int main(){
    char message[33] = "11001100110011001100110011001100";
    message[32]='\0';
    char key[33] = "00100010001000100010001000100011";
    key[32]='\0';
    // encryptor takes a 32 bitstring and uses key to encrypt it
    // All other functions in encryptor are working and even m is being updated 
    encryptor(message,key);
}

As the flow of the program reaches the print function just before the return statement, and stack smashing is detected after that, what could be a possible reason for this?

I tried to use the gdb debugger but it shows

Program received signal SIGABRT, Aborted. 0x00007ffff7a55860 in raise () from /usr/lib/libc.so.6

Could anyone help me find out (or suggest any way to find out) the cause of this error? (I don't think it's because of a buffer overflow or something similar, as it reached the print function.)

Thanks

Naman
    At least you’ll want to set the *first* char in TT to zero, not the last. Otherwise you’ll have undefined behavior and most likely going outside the allocated memory when doing strcat – Sami Kuhmonen Mar 10 '18 at 05:07
  • Oh, I didn't know about this behavior of strcat; I am new to C, have done only C++. Found strcat working so used it! – Naman Mar 10 '18 at 05:18
    It adds data to the *end* of the string. If you say the string is already full (only last chat is potentially zero) it will just go out of bounds. – Sami Kuhmonen Mar 10 '18 at 05:20
  • You have: `char T[5] = "1011\0"; // added the last '\0'` — you don't need the explicit `\0` since the compiler will add it implicitly anyway. – Jonathan Leffler Mar 10 '18 at 06:27
  • @Naman Because `strcat` appends one string onto another, both parameters need to be valid strings. When you first call `strcat(TT,T);`, you have not made `TT` have any sensible, valid string value. – David Schwartz Nov 01 '18 at 06:57
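A safe way to build the 32-character mask that the question's encryptor assembles with eight strcat calls on the never-terminated TT, as an added example (not code from the question or its answer). fill_repeated is a hypothetical helper that starts from an empty string and refuses when the result would not fit; xor_bits is a hypothetical stand-in for the poster's undefined string_xor.

```c
#include <stdio.h>
#include <string.h>

/* Build `times` copies of `pat` into dst (dstsz bytes).
 * Returns 0 on success, -1 if the result would not fit.
 * dst is always a valid, terminated string afterwards. */
int fill_repeated(char *dst, size_t dstsz, const char *pat, int times)
{
    if (dstsz == 0 || times < 0)
        return -1;
    dst[0] = '\0';          /* strcat appends to an existing string: make dst one */
    size_t need = strlen(pat) * (size_t)times;
    if (need >= dstsz)      /* would overrun: refuse rather than smash the stack */
        return -1;
    for (int i = 0; i < times; i++)
        strcat(dst, pat);   /* in bounds: total length checked above */
    return 0;
}

/* XOR two equal-length '0'/'1' strings into out (out may alias a).
 * Returns the number of bits processed, or -1 on a length mismatch
 * or a non-binary character. Hypothetical stand-in for string_xor. */
int xor_bits(const char *a, const char *b, char *out)
{
    size_t n = strlen(a);
    if (n != strlen(b))
        return -1;
    for (size_t i = 0; i < n; i++) {
        if ((a[i] != '0' && a[i] != '1') || (b[i] != '0' && b[i] != '1'))
            return -1;
        out[i] = (a[i] != b[i]) ? '1' : '0';
    }
    out[n] = '\0';
    return (int)n;
}

int main(void)
{
    char message[33] = "11001100110011001100110011001100"; /* value from the question */
    char mask[33];                      /* 32 chars + terminator, like TT */
    if (fill_repeated(mask, sizeof mask, "1011", 8) != 0)
        return 1;
    xor_bits(message, mask, message);   /* one round of the loop, in place */
    printf("%s\n", message);            /* 01110111011101110111011101110111 */
    char tiny[8];                       /* too small: helper refuses instead of overflowing */
    printf("%d\n", fill_repeated(tiny, sizeof tiny, "1011", 8)); /* -1 */
    return 0;
}
```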

1 Answer


Found the big blunder: strcat does not copy the T string to TT but does something via reference.

And as this pointer references something created in the function's frame, which is destroyed after the end of the function, it throws an error.

As a character array is basically a pointer, as soon as the function returns that pointer turns into garbage values and the error comes.

    Just a note, make sure to have variable names that make sense, not single or double letters like `T` or `TT` (a bad compiler could mistake it for undefined macros!) – Stan Strum Mar 14 '18 at 20:06