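So I'm trying to write a program that will return the IP address of a domain name that is entered. The program is much larger than that, but this specific function isn't working properly.
After hours of testing why inet_ntoa is giving me a segmentation fault, I decided to hard-code the value "www.google.com" instead of typing it in. Voilà, it worked! But why? I suspected that it was looking for "www.google.com\n", so I created a simple function to account for this and remove the end of the string so that it's only "www.google.com". Well, that didn't work, so to see whether the two strings are equal I did a check. I found that the hard-coded "www.google.com" and the typed "www.google.com" are in fact not the same. So I output the lengths of both strings. It turns out that the typed one is always +1 of the hard-coded one.
Can anybody explain?
Here is my minimal example code.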
char buffer[2048];
struct hostent *hen;
int i = 0;
//buffer is received by the client it is written to buffer like
//while((buffer[n++] = getchar() != '\n')
//then this server reads it.
while(buffer[i] != '\n'){
    // strncat(b, &buffer[i], 100);
    i++;
}
i = i-2;
char b[i];
i = 0;
while(buffer[i] != '\n'){
    strncat(b, &buffer[i], 1);
    i++;
}
int t = i;
i = 0;
while(i != t+1){
    printf("%c", b[i]);
    i++;
}
char *e = "www.google.com";
if(e == b){
    printf("THEY EQUAL");
} else {
    printf("THEY DON'T AND IM DUMB\n");
    printf("LENGTH OF E: %d\n", strlen(e));
    printf("LENGTH OF B: %d\n", strlen(b));
}
printf("here is: %s\n", e);
hen=gethostbyname(e);
if(hen==NULL){
    fprintf(stderr,"Host not found \n");
}
printf("Hostname is %s \n",hen->h_name);
printf("IP address is %s \n",inet_ntoa(*((struct in_addr *)hen->h_addr)));
Before: i == 0;
After '1': i == 1 because buffer[0] == '1';
After '2': i == 2 because buffer[1] == '2';
After '3': i == 3 because buffer[2] == '3';
After '4': i == 4 because buffer[3] == '4';
After '\n': i == 4 because buffer[4] == '\n' and we DON'T ENTER THE LOOP BODY.
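And you allocate b[2] instead of b[5] ("1234" and the null terminator!)
You are simply writing to random areas of the stack, corrupting memory and overwriting other variables (which later overwrite the end of the line).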
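
An added example, not part of the original question or answer: one way to copy the typed hostname with a bounded newline search and a destination sized for the name plus its terminator, then compare by content and check the lookup result before using it. The helper `extract_line`, the `name` buffer and its 256-byte size are hypothetical, and the CRLF handling is an assumption about network input.

```c
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <arpa/inet.h>

/* Hypothetical helper (not from the original post): copy the text before the
 * first '\n' in buf[0..buflen) into out and NUL-terminate it.
 * Returns the name length, or -1 if there is no newline within buflen
 * or out (outlen bytes) cannot hold the name plus its terminator. */
static int extract_line(const char *buf, size_t buflen, char *out, size_t outlen)
{
    const char *nl = memchr(buf, '\n', buflen);  /* bounded search */
    if (nl == NULL)
        return -1;
    size_t len = (size_t)(nl - buf);
    if (len > 0 && buf[len - 1] == '\r')         /* tolerate CRLF input */
        len--;
    if (len + 1 > outlen)                        /* +1 for the '\0' */
        return -1;
    memcpy(out, buf, len);
    out[len] = '\0';
    return (int)len;
}

int main(void)
{
    char buffer[2048] = "www.google.com\n";      /* constructed sample input */
    char name[256];
    int len = extract_line(buffer, sizeof buffer, name, sizeof name);
    if (len < 0) {
        fprintf(stderr, "bad input line\n");
        return 1;
    }
    /* strcmp compares contents; e == b only compares addresses. */
    printf("equal: %d, length: %zu\n",
           strcmp(name, "www.google.com") == 0, strlen(name));

    struct hostent *hen = gethostbyname(name);
    if (hen == NULL) {                           /* stop here, do not dereference */
        fprintf(stderr, "Host not found\n");
        return 1;
    }
    printf("IP address is %s\n",
           inet_ntoa(*(struct in_addr *)hen->h_addr_list[0]));
    return 0;
}
```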