I've been learning buffer overflows and noticed something strange.
void vuln()
{
char buf[180];
gets(buf);
puts(buf);
return;
}
int main()
{
__gid_t egid;
setvbuf(stdout, 0x0, 2, 0);
egid = getegid();
setresgid(effective_gid, effective_gid, effective_gid);
puts("You know who are 0xDiablos: ");
vuln();
return 0;
}
I compiled the code as 64 bit and 32 bit.
gcc test.c -fno-stack-protector -o 64bit.o
gcc test.c -fno-stack-protector -o 32bit.o -m32
I than passed more than 180 A's as input on the 32bit application under strace.
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x41414141} ---
+++ killed by SIGSEGV (core dumped) +++
I then performed the same test on the 64bit application under strace.
--- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
+++ killed by SIGSEGV (core dumped) +++
Why does the 64 bit show that the invalid memory references was NULL, should't it be 0x41414141 like the 32bit SIGSEGV?
not sure if this matters but my kernel is 5.5.8.