I get the error (stack around the variable buf was corrupted) after the message box, how do I fix it?

Question

I get the error (stack around the variable buf was corrupted) after the message box, how do I fix it?

Ahmed Osama 120

How do I fix the error (stack around the variable "buf" was corrupted)

The code:

  if (HIWORD(wParam) == BN_CLICKED && LOWORD(wParam) != IDM_ABOUT && LOWORD(wParam) != IDM_EXIT) {
            GetWindowTextA(hWndEdit, &fin[0], 64300);
            GetWindowTextA(hWndEdit2, &scin[0], 64300);
            if (scin == (LPSTR)"") {
                ShellExecuteA(NULL, "runas", &fin[0], NULL, NULL, SW_SHOWNORMAL);
            }
            else {
                ShellExecuteA(NULL, "runas", &fin[0], &scin[0], NULL, SW_SHOWNORMAL);
            }
            if (GetLastError() != 0) {
                char buf;
                sprintf(&buf, "%08x", (int)GetLastError());
                std::string res(&buf);
                DWORD le = GetLastError();
                std::string message = (std::string)"APC Administrative Application Execution Utility encountured an error of code 0x" + res + ": " + "\"" + std::system_category().message(GetLastError()); +"\"";
                int lastError = GetLastError();
                std::wstring hexerror = L"0x" + WCHAR(DecToHex(GetLastError()));
                const char* HEs = message.c_str();
                MessageBoxA(hWnd, LPCSTR(message.c_str()), "APC Administrative Application Execution Utility", MB_ICONERROR);
            }

It says:

Run-Time Check Failure #2 - Stack around the variable 'buf' was corrupted.

Image:

User's image

How to fix this problem and without causing errors?

Answer 1

RLWA32 29,846

The call to sprintf in the posted code is printing 8 characters to a 1 character buffer. The buffer overrun has corrupted the stack. The destination buffer should be at least 9 characters, 8 for the text and 1 for the null terminator.

Ahmed Osama 120 Reputation points

2023-03-01T15:28:49.23+00:00
Do you mean:

char buf[9]; sprintf(&buf[0], "%08x", (int)GetLastError()); std::string res(&buf[0]);
Ahmed Osama 120 Reputation points

2023-03-01T15:30:41.11+00:00

It should be &buf[0] or otherwise it would write to something after the string (because of it writing at something after the beginning) causing errors
Ahmed Osama 120 Reputation points

2023-03-01T15:38:43.65+00:00

exactly 8 bytes after the variable
RLWA32 29,846 Reputation points

2023-03-01T15:49:37.16+00:00
It can be -

char dest[9]; sprintf(dest, "%08x", ERROR_INVALID_PARAMETER);

In C/C++ the above syntax passes the address of the dest array.

You should give consideration to using the secure versions of CRT functions that take buffer lengths as a parameter. Refer to https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/sprintf-s-sprintf-s-l-swprintf-s-swprintf-s-l?view=msvc-170

Answer 2

Here's the final executable:

https://1drv.ms/u/s!AmKkgU04nxaruFZRxwdLcKkmHsPR?e=Gatu9S

WARNING: ALL THE FILES CONTAINED ARE THE INTELLECTUAL PROPERTY RIGHTS AND COPYRIGHTS OF ME, ANY REVERSE ENGINNIRING, COPYING, MODIFIYING, OR OTHERWISE TRANSFERRING THE EXECUTABLE OR MODIFIYING IT OR MOVING THE EXECUTABLE IN ANY WAY, OR REVERSE ENGINNIRING OR TRANSFERRING THE SOURCE FORM OF THE EXECUTABLE, NON-COMPILED WITHOUT THE EXPRESS WRITTEN PERMISSION OF ME, ANY THING OF THOSE OBLIGATIONS IF MADE WITHOUT EXPRESS WRITTEN PERMISSION, IT WOULD BE CONSIDERED COPYRIGHT INFIRGMENT, VIOLATORS WILL BE PROSECUTED TO THE MAXIUMUM EXTENT POSSIBLE ALLOWED BY LAW.

Ahmed Osama 120 Reputation points

2023-03-01T15:32:52.2966667+00:00

Full link:

https://onedrive.live.com/?cid=AB169F384D81A462&q=%2Eexe&scope=drive&id=AB169F384D81A462%217242&parId=root&parQt=search&o=OneUp

I get the error (stack around the variable buf was corrupted) after the message box, how do I fix it?

1 additional answer

Activity