Reasons for Stack Corruption in a C Program

Stack corruption occurs when a program writes outside the boundaries of the allocated stack memory, leading to unpredictable behavior, crashes, or security vulnerabilities. Here are the main causes:

1. Buffer Overflow (Writing Past Array Bounds)

Writing beyond the allocated size of an array can overwrite adjacent stack memory.

Example:

#include <stdio.h>

void badFunction() {
    char buffer[10];  
    for (int i = 0; i < 20; i++) {  // Writing beyond buffer size!
        buffer[i] = 'A';
    }
}

int main() {
    badFunction();
    return 0;
}

🔴 Risk: Overwrites return addresses, local variables, or function parameters.

2. Incorrect `printf` Format Specifiers

Using %s with a non-string value or forgetting to pass arguments correctly can lead to undefined behavior.

Example:

#include <stdio.h>

int main() {
    int num = 123;
    printf("%s", num);  // Wrong: passing an integer instead of a string!
    return 0;
}

🔴 Risk: printf will interpret num as a pointer, leading to stack corruption.

3. Returning a Local Variable's Address

Returning the address of a local variable leads to accessing memory that is no longer valid after the function returns.

Example:

#include <stdio.h>

char* getMessage() {
    char msg[] = "Hello";  // Local variable stored on the stack
    return msg;  // Returning address of a destroyed stack variable
}

int main() {
    char *ptr = getMessage();
    printf("%s\n", ptr);  // Undefined behavior
    return 0;
}

🔴 Risk: msg is destroyed when getMessage() returns, causing memory corruption.

✔ Fix: Use static or dynamic memory allocation.

4. Mismatched Function Call Convention

Calling a function with the wrong calling convention can corrupt the stack.

Example:

#include <stdio.h>

void __stdcall myFunction(int a, int b) {
    printf("a: %d, b: %d\n", a, b);
}

int main() {
    void (*funcPtr)(int, int) = myFunction;
    funcPtr(10);  // Missing parameter!
    return 0;
}

🔴 Risk: The stack pointer may not be restored correctly.

✔ Fix: Ensure function calls match the expected signature.

5. Infinite Recursion (Stack Overflow)

Recursive functions without a base condition can cause stack exhaustion.

Example:

void recursiveFunction() {
    recursiveFunction();  // No termination condition!
}

int main() {
    recursiveFunction();
    return 0;
}

🔴 Risk: The stack will overflow, causing a segmentation fault.

✔ Fix: Always include a base case in recursive functions.

6. Unaligned Memory Access (on Some Architectures)

Some architectures require specific memory alignment, and misaligned stack accesses can lead to crashes.

Example:

struct Unaligned {
    char c;
    int num;  // May be misaligned if not padded properly
};

void test() {
    struct Unaligned u;
    int *ptr = (int *)(&u.c);
    *ptr = 42;  // May cause a crash on certain architectures
}

🔴 Risk: Can cause bus errors on architectures like ARM.

✔ Fix: Use __attribute__((aligned(N))) or proper struct padding.

7. Stack Memory Corruption by Wild Pointers

Accessing uninitialized or dangling pointers can overwrite stack memory.

Example:

#include <stdio.h>

void test() {
    int *ptr;  // Uninitialized pointer
    *ptr = 42;  // Writing to an unknown memory location
}

int main() {
    test();
    return 0;
}

🔴 Risk: Writing to an undefined memory location can corrupt the stack.

✔ Fix: Always initialize pointers before use.

8. Corrupting Stack Frame via Function Pointer Misuse

Function pointers must point to valid function addresses; otherwise, execution will jump to random memory locations.

Example:

#include <stdio.h>

void hello() {
    printf("Hello\n");
}

int main() {
    void (*funcPtr)() = (void *)0x12345678;  // Invalid address!
    funcPtr();  // Undefined behavior
    return 0;
}

🔴 Risk: Jumping to an invalid address can cause stack corruption.

✔ Fix: Ensure function pointers are correctly assigned.

8. Corrupting Stack Frame due to missing return statement

If function is supposed to return a value but the return statement is not executed a garbage value will be returned from stack or register.

#include <stdio.h>

int hello() {
    printf("Hello\n");
}

int main() {
    int ret;
    ret = hello();

    printf(" ret %d\n"); // Undefined output

    return 0;
}

🔴 Risk: Missing return statement can cause stack corruption

✔ Fix: Ensure that return statement is present in each pth.

How to Detect and Debug Stack Corruption

✅ Use Compiler Warnings & Flags:

gcc -Wall -Wextra -fstack-protector -g program.c -o program

✅ Enable Address Sanitizer (ASan) in GCC/Clang:

gcc -fsanitize=address -g program.c -o program
./program

✅ Use gdb to Debug Crashes:

gdb ./program
run
bt  # Backtrace to see where it crashed

✅ Valgrind for Memory Issues:

valgrind --tool=memcheck ./program

Final Thoughts

🔴 Stack corruption is dangerous and can lead to crashes, security vulnerabilities, and hard-to-debug errors.
🛠 Always validate inputs, avoid buffer overflows, use proper function calls, and enable compiler warnings to catch issues early.

Search This Blog

C Programming Notes by Ashok