stack overflow problem

Hi, people!

Can someone explain what exactly happens to the ebp and eip registers when the stack is overflowed?


(If I overflow the stack with 'A's, let's say, why doesn't eip contain the value 0x41414141 (which is the ASCII code for 'A')?) (SoftICE debugger used)




Comments

  • : Hi, people!

    : Can someone explain what exactly happens to the ebp and eip registers when the stack is overflowed?


    : (If I overflow the stack with 'A's, let's say, why doesn't eip contain the value 0x41414141 (which is the ASCII code for 'A')?) (SoftICE debugger used)


    Hi,


    Why should ebp be affected by a stack overflow?

    Why should eip be 0x41414141!?


    What exactly are you trying to find out?


    Mark




  • A "stack overflow" is an entirely contrived error. It's created by a compiler that has stack checking. There is no "stack error" interrupt from the CPU, etc.

    What the register dumps end up as is entirely a factor of the code which handles the stack overflow. In the event of an untrapped or assembly overflow, it wouldn't cause an error immediately:


    1) Unless it was in protected mode, and the pointer rolled over to protected space, causing a GPF.


    2) Standard DOS EXEs would cause errors until you tried modifying off the stack, or some of the code overwritten by the out-of-bounds stack is executed.


    Matthew Gross

    Acheron@Hotmail.com

    AcheronX's Programming Page




  • : : Hi, people!

    : : Can someone explain what exactly happens to the ebp and eip registers when the stack is overflowed?


    : : (If I overflow the stack with 'A's, let's say, why doesn't eip contain the value 0x41414141 (which is the ASCII code for 'A')?) (SoftICE debugger used)


    : Hi,


    : Why should ebp be affected by a stack overflow?

    : Why should eip be 0x41414141!?


    : What exactly are you trying to find out?


    : Mark


    Ebp should be affected by a stack overflow, because it contains the return address where the program continues to execute after data is popped from the stack. On overflow, ebp is overwritten by the overflow data. The Borland C 4.5 debugger showed me that eip indeed IS 0x41414141!, but the SoftICE 3.23 debugger shows me a different value, so I don't know which is true.

    (If this is wrong, tell me what happens exactly. Thanks!)
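As an added illustration (not code from anyone in this thread), here is a constructed C model of the 32-bit x86 frame the question is about: the local buffer sits lowest, the caller's saved ebp directly above it, and the return address that `ret` pops into eip above that. Copying twenty 'A's with no bound writes 0x41414141 into both saved slots, which is what a debugger reports as ebp and eip once the function has returned; the bounded copy refuses the input and leaves them intact. The frame layout, the input and the two placeholder address values are assumptions made for the model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed model of a 32-bit x86 frame for a function with "char buf[8]":
 * locals lowest, then the caller's saved ebp, then the return address that
 * "ret" pops into eip. Padding omitted; caller_area stands in for the caller. */
struct frame {
    char          buf[8];          /* local buffer being written     */
    uint32_t      saved_ebp;       /* restored by leave / pop ebp    */
    uint32_t      ret_addr;        /* popped into eip by ret         */
    unsigned char caller_area[16]; /* whatever sits above this frame */
};

/* What an unchecked strcpy(buf, input) does: bytes land in order, so input
 * bytes 8..11 hit saved ebp and 12..15 hit the return address. */
static void unchecked_copy(struct frame *f, const char *input)
{
    size_t n = strlen(input) + 1;               /* strcpy copies the NUL too */
    if (n > sizeof *f) n = sizeof *f;           /* model boundary only */
    memcpy((unsigned char *)f, input, n);       /* byte view keeps it defined */
}

/* Bounded alternative: reject input that does not fit together with its NUL. */
static int checked_copy(struct frame *f, const char *input)
{
    size_t len = strlen(input);
    if (len >= sizeof f->buf) return -1;        /* too long: frame untouched */
    memcpy(f->buf, input, len + 1);
    return 0;
}

/* Run one scenario and report the two slots a debugger would show as ebp and
 * eip once the function returns. Returns checked_copy's status (0 or -1). */
int simulate(int bounded, uint32_t *ebp_out, uint32_t *ret_out)
{
    /* constructed stand-ins for the real saved ebp and return address */
    struct frame f = { .saved_ebp = 0xBFFFF8C8u, .ret_addr = 0x08048456u };
    const char *input = "AAAAAAAAAAAAAAAAAAAA"; /* 20 'A's, constructed */
    int rc = 0;
    if (bounded) rc = checked_copy(&f, input); else unchecked_copy(&f, input);
    *ebp_out = f.saved_ebp; *ret_out = f.ret_addr;
    return rc;
}

int main(void)
{
    uint32_t ebp, ret;
    simulate(0, &ebp, &ret);                    /* both slots become 0x41414141 */
    printf("unchecked: saved ebp=0x%08x ret=0x%08x\n", (unsigned)ebp, (unsigned)ret);
    return 0;
}
```

The model also shows why the saved ebp alone does not decide where execution resumes: the bytes that end up in eip come from the return-address slot one word above it.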



