    (Repost) Analysing and fixing a stack overflow on Linux: *** stack smashing detected *** XXXX terminated
    1. Use gdb or valgrind to locate the exact code
    Recently, while debugging a program on Linux, the program terminated abnormally with the following symptom:

    *** stack smashing detected ***: ../out/Load terminated
    Aborted (core dumped)
    


    Running the program under GDB gives the following:

    *** stack smashing detected ***: /wan/2.III-A/out/Load terminated
    
    Thread 10 "Load" received signal SIGABRT, Aborted.
    [Switching to Thread 0xb37f9b40 (LWP 10889)]
    0xb7fdac31 in __kernel_vsyscall ()
    (gdb) bt
    #0  0xb7fdac31 in __kernel_vsyscall ()
    #1  0xb7c6dea9 in __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:54
    #2  0xb7c6f407 in __GI_abort () at abort.c:89
    #3  0xb7ca937c in __libc_message (do_abort=1, fmt=0xb7da02c7 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:175
    #4  0xb7d39708 in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:37
    #5  0xb7d39698 in __stack_chk_fail () at stack_chk_fail.c:28
    #6  0x081a0cb9 in xxxxxxx (stGravDataReport=...) at xxxxxxx.cpp:139
    


    From the gdb backtrace the faulting line of code can be pinpointed (frame #6: the function whose return tripped __stack_chk_fail).
    valgrind locates the same problem; the procedure is:

    root@/root# valgrind --tool=memcheck --leak-check=full --show-reachable=yes --trace-children=yes ../out/Load 
    ==10854== Memcheck, a memory error detector
    ==10854== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
    ==10854== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
    ==10854== Command: ../out/Load
    ==10854== 
    
    *** stack smashing detected ***: ../out/Load terminated
    ==10854== 
    ==10854== Process terminating with default action of signal 6 (SIGABRT): dumping core
    ==10854==    at 0x4244EA9: raise (raise.c:54)
    ==10854==    by 0x4246406: abort (abort.c:89)
    ==10854==    by 0x428037B: __libc_message (libc_fatal.c:175)
    ==10854==    by 0x4310707: __fortify_fail (fortify_fail.c:37)
    ==10854==    by 0x4310697: __stack_chk_fail (stack_chk_fail.c:28)
    ==10854==    by 0x81A0CB8: xxxxxxxxxx (xxxxxxx) (xxxxxxxxxxxxxxx.cpp:139)
    ==10854==    by 0x38303930: ???


    The stack trace it reports is the same as the one from gdb.

    2. Analysing the cause
    Reviewing the code showed that it uses the unsafe function sprintf.
    Locating the problem again with gdb confirmed it: the string that sprintf assembled was longer than the destination array, so the write ran past the end of the array and overwrote the stack.
    Once the stack has been overrun, the function's other local variables hold corrupted values. Note that the canary check in __stack_chk_fail only runs when the function returns, so by the time the message appears those corrupted locals may already have been used; the fix is to bound the write (snprintf with the destination size, checking its return value for truncation) rather than to rely on the abort.
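    As an added example, not code from the original post: the bug pattern described above, sprintf into a fixed-size stack buffer, written out in C next to a bounded replacement that detects truncation instead of overrunning the stack. The struct, its field names and sizes, and the sample records are assumptions constructed for illustration; the post does not show its own code.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Field names and sizes are assumptions for illustration; the post's
 * own struct is not shown. */
struct report {
    char id[64];
    char payload[256];
};

/* The shape of the bug the post describes: sprintf() writes "id:payload"
 * into a fixed-size stack buffer with no bound on the combined length.
 * With long fields it runs past `line`, over the stack canary and the
 * saved return address, and __stack_chk_fail() aborts with
 * "*** stack smashing detected ***" when the function returns.
 * (With -O2 -D_FORTIFY_SOURCE=2 glibc's __sprintf_chk fires first and
 * reports "*** buffer overflow detected ***" instead.) */
void format_report_unsafe(const struct report *r)
{
    char line[64];
    sprintf(line, "%s:%s", r->id, r->payload);   /* unbounded write */
    puts(line);
}

/* Hardened form: snprintf() never writes more than outlen bytes and
 * returns the length the full string *would* have had, so the caller can
 * detect truncation rather than silently corrupting the stack.
 * Returns true and fills `out` on success; false (and an empty string)
 * when the record does not fit or outlen is zero. */
bool format_report_safe(const struct report *r, char *out, size_t outlen)
{
    if (outlen == 0)
        return false;
    int n = snprintf(out, outlen, "%s:%s", r->id, r->payload);
    if (n < 0) {                 /* encoding/format error */
        out[0] = '\0';
        return false;
    }
    if ((size_t)n >= outlen) {   /* output would have been truncated */
        out[0] = '\0';
        return false;
    }
    return true;
}

/* Constructed input: a record whose id is idlen 'A's and whose payload is
 * plen 'B's, clamped to the field sizes. */
struct report make_report(size_t idlen, size_t plen)
{
    struct report r;
    if (idlen > sizeof r.id - 1)      idlen = sizeof r.id - 1;
    if (plen  > sizeof r.payload - 1) plen  = sizeof r.payload - 1;
    memset(r.id, 'A', idlen);       r.id[idlen] = '\0';
    memset(r.payload, 'B', plen);   r.payload[plen] = '\0';
    return r;
}

/* To reproduce the post's abort and backtrace (standard gcc/gdb usage):
 *   gcc -g -O0 -fstack-protector-strong smash.c -o smash
 *   gdb -q ./smash      then: run, and bt after the SIGABRT
 * The backtrace ends in __stack_chk_fail -> format_report_unsafe, the same
 * pattern as frames #5 and #6 in the post. */
int main(void)
{
    char line[64];
    struct report ok  = make_report(5, 5);
    struct report big = make_report(63, 255);

    if (format_report_safe(&ok, line, sizeof line))
        printf("safe: %s\n", line);
    if (!format_report_safe(&big, line, sizeof line))
        printf("safe: %zu+1+%zu byte record rejected, stack intact\n",
               strlen(big.id), strlen(big.payload));

    format_report_unsafe(&big);   /* aborts: *** stack smashing detected *** */
    return 0;
}
```

    The safe variant treats an exact fit (n == outlen - 1) as success and anything longer as failure; callers should act on the false return (log and drop the record) rather than retry with a larger stack buffer, since the input length is attacker-controlled in the general case.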
    ————————————————
    Copyright notice: this is an original article by CSDN blogger 「码中飞翔」, licensed under CC 4.0 BY-SA; when reposting, include a link to the original source and this notice.
    Original link: https://blog.csdn.net/wanxuexiang/article/details/89979901

    Reposted from: https://www.cnblogs.com/fensnote/p/13436429.html