How to overcome this: the system detected an overrun of a stack-based buffer.

Question

0.00/5 (No votes)

See more:

In an application that I'm working on, I use dates, with size of the 'char' being declared as datestr[12], with the max length of 11 -> thru out the whole program...
While testing all possible situations, I entered a date greater than size of 11 and exited the routine, and then I get the following error: the system detected an overrun of a stack-based buffer.

1) How can I test for this oversized text entries. I currently use the
strlen() function. Is using the sizeof() function any better or what?
2) And how can you gracefully fix the issue at hand and then exit the routine gracefully without Abending and/or recieving any errors. Cause right now, the program Abends with an error message. Any ideas?? Much thanks,

What I have tried:

everything, the trial and error method, trying different avenues.

Posted 29-Apr-24 9:15am

samtoad

Add a Solution

2 solutions

Solution 2

Without some code examples, it's not clear where the issue is. In particular, how are you getting your data? For example

C

char buff[10];
scanf("%s", buff);

will overflow your input buffer.

You can tell scanf how long your input buffer is though via scanf("%9s", buff). That's OK, but its then hard to tell if there's any unread data in the input buffer. Better would be to do something like

C

int valid_date(const char *);  /* a function that checks its parameter is a valid date */
                               /* has the correct length, format,not an  */
                               /* "impossible" date like 19-19-1919 */
/* ... */
char buff[1024] = "";
while( ! valid_date(buff) )
{
    printf("Enter valid date: ":
    fgets(buff, 1024, stdin);
    char *nl = strchr(buff, '\n');  /* find the newline in input buff */

    /* check for and remove any unread input */
    if( *nl == NULL )
    {
        char tmp[1024];
        do {
           fgets(tmp, 1024, stdin)
        } while( strchr(tmp, '\n') == NULL );
     }
    else {
       *nl = '\0'; /* remove newline char from buff */
    }  
}
strcpy(date, buff);  /* since we've got this far, we know we have a valid date! */

You might also want to check for something like "quit", or "today" or maybe other possible responses, and handle appropriately. The important thing is that you only read a known number of characters from your input source, so you can't get a buffer overflow, and then check that the input is valid. A malicious actor then can't then use a buffer overflow to compromise your program.

Addendum:
Thinking about it, that inner do/while loop isn't strictly necessary, since the outer loop will read the whole input buffer, anyway. But the inner loop does reduce the number of calls to valid_date(), which might be expensive. It's almost certainly more expensive than strchr() which is probably implemented in efficient assembler (eg. AVX or similar), at least for optimized builds.

Posted 29-Apr-24 11:00am

k5054

Updated 29-Apr-24 11:23am

v2

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Rick York · Accepted Answer · 2024-04-29T10:27:00

When I must use fixed-sized text buffers I make sure to use the size-limited library functions since they are much safer. Here is an example with your data :

C++

#define DATE_LENGTH 11
typedef char DateStr[ DATE_LENGTH + 1 ];   // plus one for the terminator

// a utility functions

void CopyDateStr( char * buffer, const char * datetext )
{
    strncpy( buffer, datetext, DATE_LENGTH );
}

// some random code

void RandomCode( const char * datestr )
{
   // declare a date string and initialize it
   DateStr datebuf = { 0 };
   CopyDateStr( datebuf, datestr );
   // do something else with it here
}

One key thing is to always initialize the buffer to nulls. Since strncpy is limited to DATE_LENGTH characters and an additional one was allowed for the null, the string will always be null terminated, even if it was too big for the buffer. I prefer to detect data format errors, such as excessive length, when it is first input which would be when you acquire it by prompting the user or read it from a file or database.

Other useful, size-limited functions include snprintf and strncat.