p**********g
发帖数: 9385 | 1 今天被问了一个问题
"When a function call in C will return to wrong place?"
完全不知所云,有谁知道吗? | X****r
发帖数: 3557 | 2 Depends on what does 'wrong place' mean. If it means 'a place
different from the original caller site of this particular
function invocation', then modifying the return address stored
in the stack frame would cause that. How to do it is highly
architecture-dependent. A non-standard use of setjmp/longjmp
may achieve the same, too.
【在 p**********g 的大作中提到】
: 今天被问了一个问题
: "When a function call in C will return to wrong place?"
: 完全不知所云,有谁知道吗?
| p**********g
发帖数: 9385 | 3 Thank you for the answer! My next question is:
Under what kind of scenarios, we would want to modify the
return address in the stack frame?
【在 X****r 的大作中提到】
: Depends on what does 'wrong place' mean. If it means 'a place
: different from the original caller site of this particular
: function invocation', then modifying the return address stored
: in the stack frame would cause that. How to do it is highly
: architecture-dependent. A non-standard use of setjmp/longjmp
: may achieve the same, too.
| p***o
发帖数: 1252 | 4 When you want to hack your iphone, wii, kindle, etc, etc
http://en.wikipedia.org/wiki/Stack_buffer_overflow
【在 p**********g 的大作中提到】
: Thank you for the answer! My next question is:
: Under what kind of scenarios, we would want to modify the
: return address in the stack frame?
|
|
