NOTE: Although it says to allocate 10 bytes, the smallest buffer I have it
give out is 128 bytes. The sprintf() writes more than 128 bytes though.
void test_overflow()
{
char *buf = get_buffer(10);
log("Overflow Test!");
sprintf(buf,
"0123456789012348979849456161316316498498191651321321654694789"
"78949491613156194898191698132136484321321467897984132132156416879413"
"21321654897894651321321564789794446346");
release_buffer(buf);
log("Test done!");
}
Results in:
greerga@bacon:~/mud/wrk/circle30bpl11$ bin/circle
Tue Aug 19 21:55:56 :: Overflow Test!
Tue Aug 19 21:55:56 :: SYSERR: BUF: clear_buffer: Overflow in buffer from
test_overflow:481. Data:
01234567890123489798494561613163164984981916513213216546947897894949161315619
48981916981321364843213214678979841321321564168794132132165489789465132132156
4789794446346
Segmentation fault (core dumped)
greerga@bacon:~/mud/wrk/circle30bpl11$
Not too shabby...although the segmentation fault would be neat to avoid...
Time to go look into that. :)
--
greerga@muohio.edu me@null.net | Genius may have its limitations, but stupidity
http://www.muohio.edu/~greerga | is not thus handicapped. -- Elbert Hubbard
+------------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
+------------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/08/00 PST