[PLUG] stack smash

[abhi]

>ret = buffer1 + 13; // ebp + 4
>works fine for me, try n let me know what u get

Hi null null(heh)
  I tried but* aint working*.
  What OS, kernel,  gcc do u have?

Heres the asm of function():
(gdb) disas function
Dump of assembler code for function function:
0x08048414 <function+0>:    push   %ebp
0x08048415 <function+1>:    mov    %esp,%ebp
0x08048417 <function+3>:    sub    $0x28,%esp
0x0804841a <function+6>:    mov    %gs:0x14,%eax
0x08048420 <function+12>:    mov    %eax,-0x4(%ebp)
0x08048423 <function+15>:    xor    %eax,%eax
0x08048425 <function+17>:    lea    -0x19(%ebp),%eax
0x08048428 <function+20>:    add    $0xd,%eax
0x0804842b <function+23>:    mov    %eax,-0x14(%ebp)
0x0804842e <function+26>:    mov    -0x14(%ebp),%eax
0x08048431 <function+29>:    mov    (%eax),%eax
0x08048433 <function+31>:    lea    0x7(%eax),%edx
0x08048436 <function+34>:    mov    -0x14(%ebp),%eax
0x08048439 <function+37>:    mov    %edx,(%eax)
0x0804843b <function+39>:    mov    -0x4(%ebp),%eax
0x0804843e <function+42>:    xor    %gs:0x14,%eax
0x08048445 <function+49>:    je     0x804844c <function+56>
0x08048447 <function+51>:    call   0x8048350 <__stack_chk_fail at plt>
0x0804844c <function+56>:    leave
0x0804844d <function+57>:    ret
End of assembler dump.


Thanks.
Cheers



-- 
“In fact, by only taking a few observations, and selecting our numbers, we
can by the effect of accidental causes defend all possible theories. By the
aid of such numbers, whose truth in other respects cannot be contested, we
set our consciences perfectly at rest, and demonstrate nearly anything we
may wish. This it is which always inspires so great a distrust in respect to
special statistics, and which has done the greatest injury to science with
persons who only judge of things superficially.”
- M. A. Quetelet