Search code examples
cmemory-managementmemory-addressbuffer-overflow

How variables are allocated in memory in C?

I am following a book where they explain about the buffer overflow. I have a question based on buffer overflow output in C. There are two char array(buffer_one[8] and buffer_two[8]) and one integer (value).

In a x86_64 system, I am declaring the variables in an order.

    int value = 5; 
    char buffer_one[8], buffer_two[8];

However when i dump the address of these three variables, I received them in below order(value at d4, then buffer_one at d8 and then buffer_two at e0).

Buffer_one is at 0x7ffe7860b2d8 and contains one
Buffer_two is at 0x7ffe7860b2e0 and contains two
Value is at 0x7ffe7860b2d4 and contains 5

Same when I tried in a i686 system, I observed different order of memory allocation (buffer_two at 28, then buffer_one at 30 and then value at 38).

Buffer_one is at 0xbfef7330 and contains one
Buffer_two is at 0xbfef7328 and contains two
Value is at 0xbfef7338 and contains 5

MY QUESTIONS:

  1. Why the order of memory allocation differs despite being orderly declared?
  2. If I declare both char array before int, why int variable is always allocated before buffer_two in x86_64 system?
  3. What will be the order in ARM architecture?
Solution

  • The compiler does what it feels like doing. Or what the developer(s) who write the compiler felt like doing, depending on whether the compiler is sentient or not.

    This may include:

    • The compiler allocates memory in the order it reads definitions.
    • The compiler keeps a list of objects that need only one-byte alignment, a list of objects that need two-byte alignment, a list for four-byte alignment, and so on. As it reads each definition, it puts that object on the appropriate list. Later, it allocates memory for the most restrictive list first, starting with an aligned address. Then it allocates memory for the next most restrictive list, and so on. Maybe it processes the items on each list in the order it read them. Maybe it processes them in reverse order, just because of how the list was constructed.
    • As the compiler reads the definitions, it puts the identifiers in a hash table, because that is a good data structure for managing strings. Later, when the compiler is allocating memory, it processes the hash table in its physical order. The result is a mishmash of object ordering with no order apparent to the user.

    The C standard does not specify anything about the order in memory of unrelated objects. Compilers do whatever makes sense to their programmers.