pedro santos pedro santos - 1 year ago 118
C Question

Line of code clarification

I'm reading a book about bufferoverflows and shellcode, and in the book there is this code below.

I understand most of it except the purpose of

buffer = command +strlen(command);

When I use
on the buffer doesn't it overwrite what I stored there previously with
Can someone clarify it for me?


Answer Source

When one of the operands of + is a pointer then C does pointer arithmetic.

The result or pointer + number is a pointer value that points to the value with index number. It is equivalent to &pointer[number].

So, in this case:

buffer = command + strlen(command);

is equivalent to

buffer = &command[strlen(command)];

So buffer will point to the string terminator in command, which is just the right place if you want to concatenate something to the command string.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download