-fno-stack-protector is not working
I have written the following C program to see the working of buffer overflows. I have saved this program file with name bo.c
#include<stdio.h>
#include<string.h>
int authentication(char *key)
{
int auth=0;
char pass[10];
strcpy(pass, key);
if(strcmp(pass, "hello")==0)
auth=1;
else
auth=0;
return auth;
}
int main(int argc, char *argv[])
{
if(authentication(argv[1]))
{
printf("----------------------------------\nACCESS GRANTED\n---------------------------------");
}
else
{
printf("Access Denied! Wrong password!");
}
return 0;
}
But I am not able to see the effect of buffer overflow because the stack is protected. But when I am compiling it with the -fno-stack-protector flag, it is showing that it is an unrecognized option.
What is the problem here? Am I doing something wrong in the usage of the gcc command?
You are correctly doing the command but it is unrecgonized due to your configuration.
gcc -fno-stack-protector bo.c
I would recommend reinstalling gcc or trying in another linux distro. Also feel free to look at this article on the use of -fno-stack-protector as it gives some insight as to why it may be disabled. (Do to possible configurations with Makefile disabling the flag)
--------Edit----------
After looking further into this, I would recommend looking at: -fstack-protector-all or -fstack-protector
I was messing around with your code and found this might be what you're trying to do and your current setup may allow it.
- Difference between sqrt(x) and pow(x,0.5)
- Can you explain this 'Hello world' program?
- how can i check file write permissions in C++ code?
- Compare floating point numbers as integers
- Ninja Build System + gcc/clang doesn't output diagnostic colors
- Why does my C program give an error when looping through an array?
- Printing char array with null character in the middle in C
- How do I read the source code for a C library in CLion
- pthread nice value setting for default scheduler in C
- Use a 3d array on a function (array that contains arrays that contain strings)
- frida-server being targeted by port scan?
- Are compound literals always lvalue?
- Why is the beginning of a C file stream called `SEEK_SET`?
- How to Take whitespace in Input in C
- "undefined reference to" errors when linking static C library with C++ code
- Audio timescale-pitch modification - Open source examples?
- What is the easiest way to create a secured network client in Linux (C) without any external libraries?
- Are there any non-twos-complement implementations of C?
- Read variable value from PE file
- C: Memory Allocation on Stack for Nested Structures
- The max number of digits in an int based on number of bits
- Aliasing struct and array the C++ way
- AC_SEARCH_LIBS on a static library that itself has dependencies?
- What is the relation between operator precedence and order of evaluation?
- Why does my getop function in C return '+' correctly but not '=' when there are leading spaces?
- How to efficiently compare a block of memory to a single byte?
- What is the most elegant way to work with global variables in an embedded system?
- sqrt is only defined when argument is nonnegative
- How do you get the network interface index for the loopback interface?
- use of -mcmodel=kernel flag in x86 platform