I have this structure:
struct Books {
char title[50];
char author[50];
};
Let's say that I know that if I pass arg1 to the program, in some part of the code, it adds some chars in the direction $title+52, so the author value is overwritten (buffer overflow).
Now I add ASLR to my binary. This way, some directions are random, so I think the buffer overflow that I described before could not be possible.
Is this true? Or, even if I add ASLR, are the directions of struct members still together, so the buffer overflow could be possible?
The specific overflow you mentioned is still possible.
With the exception of bitfields, the fields of a structure follow one another in order in memory (with some possible padding in between). This is detailed in section 6.7.2.1p15 of the C standard:
Within a structure object, the non-bit-field members and the units in which bit-fields reside have addresses that increase in the order in which they are declared. A pointer to a structure object, suitably converted, points to its initial member (or if that member is a bit-field, then to the unit in which it resides), and vice versa. There may be unnamed padding within a structure object, but not at its beginning.
So in this case the author field will always follow the title field, regardless of what specific address an object of type struct Books is located at. The only possible difference could be the amount of padding, but unless you add or remove fields in the struct this probably won't change.