

C++: stack smashing detected?




Posted by YYamagishi, 06-12-2009, 02:21 AM
Hello, I'm learning C++ and need some help with a hangman game I'm making. This is partial code of the game. draw() is a function that draws the image of a hangman (0 <= state <= 6). compare(char a, char b) is a function that compares the characters given; when they match it returns 1, and if not, 0. Now, when the game ends, either at "You are dead" or at the correct word (when I call break;), it gives me: Any clue as to what is wrong with this code? Thanks. EDIT: I forgot to mention that the spelling of "answer" is wrong in the code because I wanted to test whether having the same character twice in one word works or not.

Posted by YYamagishi, 06-12-2009, 02:23 AM
Full output of the game:

Posted by foobic, 06-12-2009, 03:11 AM
What happens here when you get the correct answer, and guessword contains no zeros, only characters and NULLs?

Posted by YYamagishi, 06-12-2009, 04:15 AM
So, you are saying NULL != 0? Reference from: http://www.research.att.com/~bs/bs_faq2.html#null I thought of that too, actually, and placed a debug message to verify whether that part of the code is working or not, and it is actually working: Or... am I wrong? (Sorry, I don't really know C++ well, so this may often be the case.)

Posted by foobic, 06-12-2009, 04:54 AM
It does depend on the language but as a general rule you can't depend on null being equal to zero. For C++ IDK - I only did a bit of C programming many years ago. You could easily test with a cout in the loop to find out for sure. IIRC "stack smashing" usually means you have an index out of range.

Posted by YYamagishi, 06-12-2009, 05:47 AM
I just compiled this on a Debian dedicated server and it seems to be working... Any clue as to why this isn't working on my computer here? (Ubuntu 9.04 running on VirtualBox.) EDIT: It seems to be working on the university server running Solaris too. Last edited by YYamagishi; 06-12-2009 at 05:59 AM.

Posted by fwaggle, 06-13-2009, 04:56 PM
IMHO it's only "working" because your second machine isn't catching the "stack smashing" that's going on in your app. Compile your app with debugging symbols and the backtrace will have some meaningful output as to where it's running off the end of an array, also consider using electric fence on any app you think is "working".

Posted by YYamagishi, 06-14-2009, 09:58 AM
I've googled stack smashing and it is weird, though. Calling break; or return; should have nothing to do with the arrays being used, but the solutions found on the internet are to check the arrays and make sure they don't "explode" outside the allocated size. Any ideas?

Posted by zekez, 06-14-2009, 10:19 AM
Stack smashing (a.k.a. buffer overrun) is a HUGE security issue. As someone else suggested, look carefully at your code where you access array indices or do pointer arithmetic. Also, in C/C++, NULL is often defined as 0. If you can't find the problem by reading your code, run your program under a debugger like gdb and try to reproduce the overrun. When you crash, do a back trace to see what happened.

Posted by fwaggle, 06-15-2009, 11:12 PM
He's already getting a backtrace, but the problem is it contains no usable information. If he compiles it with debugging symbols and runs it again it should have more usable information. He needs debugging symbols to work out what these are: The problem may not lie in the function posted at all, because he's somewhat right - it's pretty tough to get a "break" to cause a buffer overrun. He could post the rest of the code and we could keep playing "where's waldo" or he could take 2 seconds to add -ggdb to his compile line and the next backtrace will probably point the problem out.
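An added example, not the original poster's code (which is not reproduced on this page), to make concrete what fwaggle and zekez describe above: a hangman-style guess buffer filled by an unbounded copy into a fixed-size stack array, beside a bounded version that takes the buffer's capacity. The buffer size, the function names and the test words are assumptions chosen for illustration. Ubuntu's GCC enables -fstack-protector by default while many other toolchains of the time did not, which is the likely reason the Ubuntu build reports "stack smashing detected" and the Debian and Solaris builds silently corrupt the stack instead; the overrun is present on all three.

```cpp
// Added example (not the original poster's code): a hangman-style guess
// buffer with an unbounded copy, beside a bounded version.
// Build to reproduce the abort:  g++ -g -O0 -fstack-protector-all smash.cpp -o smash
#include <cstddef>
#include <cstring>
#include <iostream>

// Capacity of the on-stack guess buffer. (Assumed value; the original
// post does not show its array size.)
const std::size_t kWordBufSize = 8;

// Vulnerable: writes one '_' per answer letter plus a terminator, with no
// check against the destination's capacity. If the answer is longer than
// dst, the extra bytes land above the array: on the canary, saved
// registers and return address. With -fstack-protector the canary check
// fails when the enclosing function returns and glibc prints
// "*** stack smashing detected ***" before aborting; without it the
// corruption goes unnoticed until something else breaks.
void init_guessword_unsafe(char* dst, const char* answer) {
    std::size_t i = 0;
    for (; answer[i] != '\0'; ++i) {
        dst[i] = '_';          // hide each letter
    }
    dst[i] = '\0';             // terminator may land past the end
}

// Fixed: the caller passes the capacity; answers that do not fit are
// refused (the terminator needs its own byte) and dst is left untouched.
bool init_guessword_safe(char* dst, std::size_t dst_size, const char* answer) {
    std::size_t len = std::strlen(answer);
    if (dst_size == 0 || len > dst_size - 1) {
        return false;
    }
    for (std::size_t i = 0; i < len; ++i) {
        dst[i] = '_';
    }
    dst[len] = '\0';
    return true;
}

// Reveal every position where answer[i] == guess and return how many were
// revealed. Iterates over the answer's own length, so repeated letters
// ("banana") are all handled and no index runs past the terminator.
int reveal(char* guessword, const char* answer, char guess) {
    int hits = 0;
    for (std::size_t i = 0; answer[i] != '\0'; ++i) {
        if (answer[i] == guess && guessword[i] == '_') {
            guessword[i] = guess;
            ++hits;
        }
    }
    return hits;
}

// Count positions still hidden; 0 means the word has been solved.
int hidden_count(const char* guessword) {
    int n = 0;
    for (std::size_t i = 0; guessword[i] != '\0'; ++i) {
        if (guessword[i] == '_') ++n;
    }
    return n;
}

// 11 letters + terminator into an 8-byte array: 4 bytes past the end.
// Under -fstack-protector-all the abort fires as this function returns,
// so a gdb backtrace shows __stack_chk_fail -> overflow_demo -> main.
void overflow_demo() {
    char guessword[kWordBufSize];
    std::cout << "overflowing an " << kWordBufSize << "-byte buffer...\n";
    init_guessword_unsafe(guessword, "abracadabra");
}

int main() {
    char guessword[kWordBufSize];
    if (init_guessword_safe(guessword, sizeof guessword, "banana")) {
        reveal(guessword, "banana", 'a');
        std::cout << guessword << " hidden=" << hidden_count(guessword) << '\n';
    }
    if (!init_guessword_safe(guessword, sizeof guessword, "abracadabra")) {
        std::cout << "\"abracadabra\" rejected: does not fit\n";
    }
    overflow_demo();
    return 0;
}
```

To locate an overrun like this in a real program, build with symbols and the protector on every function (`g++ -g -O0 -fstack-protector-all ...`), then `gdb ./smash`, `run`, and `bt` once it stops in `__stack_chk_fail`: the frame below it is the function whose local array was overrun, which is what the thread's advice to add `-ggdb` is getting at. The check fires at function return rather than at the offending store, which is why a `break;` or `return;` appears to be the trigger when the real defect is the earlier out-of-bounds write.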


