468,241 Members | 1,545 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,241 developers. It's quick & easy.

Run-Time Check Failure #n Question

compiler£ºVisual Studio.Net 2003 (VC7.1)
compile type£ºDebug
problem: wanted more information about the "Run-Time Check Failure
#n",thanks!

Example1:
#include "stdafx.h"
void malice()
{
printf("Hey,you're been attacked.\n");
}

void foo()
{
int *ret;
ret=(int*)&ret+2;
(*ret)=(int)malice;
}

int _tmain(int argc, _TCHAR* argv[])
{
foo();
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #0 - The value of ESP was not properly saved
across a function call. This is usually a result of calling a function
declared with one calling convention with a function pointer declared
with a different calling convention.
Example 2:
#include "stdafx.h"
void foo()
{
int var[2];
var[2] = 0;
}

int _tmain(int argc, _TCHAR* argv[])
{
foo();
return 0;
}
Run this program,It prompt:

Run-Time Check Failure #2 - Stack around the variable 'var' was
corrupted.

Example 3:
#include "stdafx.h"
#include <iostream>
using namespace std;

int a,b;
int _tmain(int argc, _TCHAR* argv[])
{
int c;
cout<<a<<"\n";
cout<<b<<"\n";
cout<<c<<"\n";
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #3 - The variable 'c' is being used without
being defined.

Feb 9 '06 #1
8 9902
Antony wrote:
compiler£ºVisual Studio.Net 2003 (VC7.1)
compile type£ºDebug
problem: wanted more information about the "Run-Time Check Failure
#n",thanks!
Please ask in a newsgroup dedicated to VC++ or to Windows programming.
Your code below has undefined behaviour in C++ terms, and due to that
nothing can be said about any "Run-Time Check Failure" (which is not
defined in C++ either).

Example1:
#include "stdafx.h"
void malice()
{
printf("Hey,you're been attacked.\n");
}

void foo()
{
int *ret;
ret=(int*)&ret+2;
(*ret)=(int)malice;
}

int _tmain(int argc, _TCHAR* argv[])
{
foo();
return 0;
}
[...]


V
--
Please remove capital As from my address when replying by mail
Feb 9 '06 #2
Antony wrote:
compiler£ºVisual Studio.Net 2003 (VC7.1)
compile type£ºDebug
problem: wanted more information about the "Run-Time Check Failure
#n",thanks!

Example1:
#include "stdafx.h"
void malice()
{
printf("Hey,you're been attacked.\n");
}

void foo()
{
int *ret;
ret=(int*)&ret+2;
(*ret)=(int)malice; Congratulations! You have just invoked UB. Your program may now do
anything, including destroying your hard drive, contacting NORAD and
instigating WWIII, or just giving an indecipherable error message.
}

int _tmain(int argc, _TCHAR* argv[])
{
foo();
return 0;
}

What Victor said. Also, see above comments.
Feb 9 '06 #3
Antony wrote:
compiler:Visual Studio.Net 2003 (VC7.1)
compile type:Debug
problem: wanted more information about the "Run-Time Check Failure
#n",thanks!

Example1:
#include "stdafx.h"
// remove that and turn off precompiled headers.
void malice()
{
printf("Hey,you're been attacked.\n");
}

void foo()
{
int *ret;
// ret is not initialised.
ret=(int*)&ret+2;
// undefined behaviour ret is not initialised
// whats wrong with the below:
ret += 2;
(*ret)=(int)malice;
// Whats with the casting? malice returns nothing, yet you're assigning
it's "return" value to 2 ints past an uninitialised point in memory.
}
// What is the point of the above function?
// Why are you casting so much?
int _tmain(int argc, _TCHAR* argv[])
int main
// there is no _tmain, and there is no _TCHAR in standard c++
{
foo();
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #0 - The value of ESP was not properly saved
across a function call. This is usually a result of calling a function
declared with one calling convention with a function pointer declared
with a different calling convention.
Well, to be fair, if it hadn't crashed, I would be suprised. You are
trying hard to make it crash.

Example 2:
#include "stdafx.h"
void foo()
{
int var[2];
// memory for two ints
var[2] = 0;
// writing to the third int, which doesn't exist.
}

int _tmain(int argc, _TCHAR* argv[])
{
foo();
return 0;
}
Run this program,It prompt:

Run-Time Check Failure #2 - Stack around the variable 'var' was
corrupted.
Again, writing to memory that doesn't belong to you.
Example 3:
#include "stdafx.h"
#include <iostream>
using namespace std;

int a,b;
// uninitialised
int _tmain(int argc, _TCHAR* argv[])
{
int c;
// uninitialised
cout<<a<<"\n";
// a is uninitialised
cout<<b<<"\n";
cout<<c<<"\n";
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #3 - The variable 'c' is being used without
being defined.


c IS defined, it's just not initialised.

You need a C++ book. You REALLY need a C++ book.

Ben Pope
--
I'm not just a number. To many, I'm known as a string...
Feb 9 '06 #4
On Thu, 09 Feb 2006 17:41:12 +0000, Ben Pope wrote:
Antony wrote:
void malice()
{
printf("Hey,you're been attacked.\n");
}
<snip>
(*ret)=(int)malice;
// Whats with the casting? malice returns nothing, yet you're assigning
it's "return" value to 2 ints past an uninitialised point in memory.


Actually, he's assigning the function address. Looks to me like he's
trying to create a stack exploit by setting a function address onto the
return stack.
}


- Jay

Feb 9 '06 #5
Jay_Nabonne wrote:
On Thu, 09 Feb 2006 17:41:12 +0000, Ben Pope wrote:
Antony wrote:
void malice()
{
printf("Hey,you're been attacked.\n");
}
<snip> (*ret)=(int)malice;

// Whats with the casting? malice returns nothing, yet you're assigning
it's "return" value to 2 ints past an uninitialised point in memory.


Actually, he's assigning the function address. Looks to me like he's
trying to create a stack exploit by setting a function address onto the
return stack.


Ahh, now it makes sense. I got lost in all the mess.

Ben Pope
--
I'm not just a number. To many, I'm known as a string...
Feb 9 '06 #6

Ben Pope wrote:
Antony wrote:
Example 3:
#include "stdafx.h"
#include <iostream>
using namespace std;

int a,b;


// uninitialised


a and b have static storage duration so are zero initialised.
int _tmain(int argc, _TCHAR* argv[])
{
int c;


// uninitialised
cout<<a<<"\n";


// a is uninitialised


No, a is initialised, as is b. c is not, hence the error message
complaining about c but not a or b (that being just one of the infinite
possible outcomes of undefined behaviour).
cout<<b<<"\n";
cout<<c<<"\n";
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #3 - The variable 'c' is being used without
being defined.


c IS defined, it's just not initialised.

You need a C++ book. You REALLY need a C++ book.


Yep

Gavin Deane

Feb 9 '06 #7
> compiler£ºVisual Studio.Net 2003 (VC7.1)
compile type£ºDebug
problem: wanted more information about the "Run-Time Check Failure
#n",thanks!
Your code invokes undefined behavior, as such the compiler can do
whatever it wants, apparently what it chose to do was produce these
diagnostics.

Example1:
#include "stdafx.h"
void malice()
{
printf("Hey,you're been attacked.\n");
}

void foo()
{
int *ret;
ret=(int*)&ret+2;
(*ret)=(int)malice;
}

int tmain(int argc, TCHAR* argv[])
{
foo();
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #0 - The value of ESP was not properly saved
across a function call. This is usually a result of calling a
function declared with one calling convention with a function
pointer declared with a different calling convention.
Do you know what this code does? It creates an int* on the stack, then
assigns it a value of some memory location near it on the stack, then
assigns the memory location of the malice function (as a value) to the
memory location it found. ICK!
Example 2:
#include "stdafx.h"
void foo()
{
int var[2];
var[2] = 0;
}

int tmain(int argc, TCHAR* argv[])
{
foo();
return 0;
}
Run this program,It prompt:

Run-Time Check Failure #2 - Stack around the variable 'var' was
corrupted.
Here you create a two element array (var[2]) then assign 0 to the
memory location just past the end of that array (var[2] = 0). The
proper locations in var are var[0] and var[1]... There is no var[2].

Just like the previous code, you are corrupting the stack.
Example 3:
#include "stdafx.h"
#include <iostream>
using namespace std;

int a,b;
int tmain(int argc, TCHAR* argv[])
{
int c;
cout<<a<<"\n";
cout<<b<<"\n";
cout<<c<<"\n";
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #3 - The variable 'c' is being used without
being defined.


That's an odd one. 'c' is defined, but it hasn't been assigned a
value. ('a' and 'b' are automatically assigned 0 because they are
global.)
Feb 9 '06 #8
> "Antony" <an********@gmail.com> wrote in message
news:11**********************@f14g2000cwb.googlegr oups.com...
compiler£ºVisual Studio.Net 2003 (VC7.1)
compile type£ºDebug
problem: wanted more information about the "Run-Time Check Failure
#n",thanks!

Example1:
#include "stdafx.h"
void malice()
{
printf("Hey,you're been attacked.\n");
}

void foo()
{
int *ret;
ret=(int*)&ret+2;
(*ret)=(int)malice;
}
int _tmain(int argc, _TCHAR* argv[])
{
foo();
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #0 - The value of ESP was not properly saved
across a function call. This is usually a result of calling a function
declared with one calling convention with a function pointer declared
with a different calling convention.
It's quite obvious you are trying to corrupt the stack and place the address
of your function in place of the address of the calling function on the
stack. It's also quite obvious that you only have enough brains to shoot
yourself in the foot. Why are you surprised by an error reporting a
corrupted stack pushed register when you screwed it up?
Example 2:
#include "stdafx.h"
void foo()
{
int var[2];
var[2] = 0;
}

int _tmain(int argc, _TCHAR* argv[])
{
foo();
return 0;
}
Run this program,It prompt:

Run-Time Check Failure #2 - Stack around the variable 'var' was
corrupted.
Here is a buffer overflow attempting the same thing as above. Again, why
are you surprised?
Example 3:
#include "stdafx.h"
#include <iostream>
using namespace std;

int a,b;
int _tmain(int argc, _TCHAR* argv[])
{
int c;
cout<<a<<"\n";
cout<<b<<"\n";
cout<<c<<"\n";
return 0;
}
Run this program,It prompt:
Run-Time Check Failure #3 - The variable 'c' is being used without
being defined.


Re-read the error message and I'm fairly sure it'll say it's being used
without being initialized, not defined.

The only comfort I have that with your level of expertise you won't be
writing a worm to affect the internet anytime soon.
Feb 9 '06 #9

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

13 posts views Thread by Bob Day | last post: by
3 posts views Thread by emman_54 | last post: by
19 posts views Thread by Bryan | last post: by
9 posts views Thread by Brett Wesoloski | last post: by
8 posts views Thread by David Thielen | last post: by
3 posts views Thread by traceable1 | last post: by
7 posts views Thread by mxdevit | last post: by
reply views Thread by NPC403 | last post: by
reply views Thread by kermitthefrogpy | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.