Variable-length parameters were mentioned earlier:
Last but not least: the first parameter gives the form of the subsequent parameters, i.e. it is a format string, as in printf.
What I want to talk about in this article is a security problem -.-! Actually, I'm just messing around.
First, the code:
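
    #include <stdio.h>
    #include <stdlib.h>
    #include <stdarg.h>

    /* The array size is not legible in the original page; placeholder value. */
    #define ARRAY_LEN 16

    /* Walks the format string and fetches one argument per 's' or 'd'. */
    void subfunc(char *format, ...)
    {
        int i;
        va_list ap;
        va_start(ap, format);
        for (i = 0; format[i] != '\0'; i++) {
            switch (format[i]) {
            case 's':
                printf("%s\n", va_arg(ap, char *));
                break;
            case 'd':
                printf("%d\n", va_arg(ap, int));
                break;
            default:
                printf("format over.\n");
                break;
            }
        }
        va_end(ap);
        return;
    }

    void func()
    {
        int a[ARRAY_LEN];
        int i = 0;
        /* Fill the caller's local array with a recognizable value. */
        for (i = 0; i < ARRAY_LEN; i++)
            a[i] = -1;
        /* Deliberate mismatch: the format asks for many ints, only one is passed. */
        subfunc("ddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", 1);
        return;
    }

    int main(void)
    {
        int pause;
        func();
        scanf("%d", &pause);
        return 0;
    }
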
What I want to do in this code is to read, inside the sub-function, the data of the function below it on the function stack (or above it on the function stack).
With variable-length parameters, the first parameter gives the form of the subsequent parameters, so the number of arguments we supply after the first parameter can differ from the number the first parameter asks for. In that case the sub-function should read data from further down the function stack.
Now that you can read the data of the function below on the function stack, you can naturally get information such as the return address of that function; can you then disguise the return? Pending testing ...
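
A hardened counterpart to the article's sub-function, as an added example that is not from the original article: a call-site macro counts the arguments actually written, and the function refuses to call va_arg when the format asks for a different number. The names SUBFUNC, COUNT, checked_subfunc and count_conversions, the output buffer and the sample calls in main are assumptions made for this example.

```c
#include <stdarg.h>
#include <stdio.h>

/* Count the arguments written at the call site (format plus up to 7 values). */
#define COUNT_(_1, _2, _3, _4, _5, _6, _7, _8, N, ...) N
#define COUNT(...) COUNT_(__VA_ARGS__, 8, 7, 6, 5, 4, 3, 2, 1, 0)
/* SUBFUNC (hypothetical name) forwards that count so the callee can check it. */
#define SUBFUNC(o, n, ...) checked_subfunc((o), (n), COUNT(__VA_ARGS__) - 1, __VA_ARGS__)

/* Number of values the format asks for, or -1 on a character other than s/d. */
static int count_conversions(const char *format)
{
    int n = 0;
    for (; *format != '\0'; format++, n++)
        if (*format != 's' && *format != 'd')
            return -1;
    return n;
}

/* Formats into out; returns the number of values consumed, or -1 if refused. */
int checked_subfunc(char *out, size_t outsz, int nargs, const char *format, ...)
{
    va_list ap;
    size_t used = 0;
    if (outsz == 0)
        return -1;
    out[0] = '\0';
    if (count_conversions(format) != nargs)
        return -1;          /* mismatch: refuse before any va_arg() call */
    va_start(ap, format);
    for (size_t i = 0; format[i] != '\0'; i++) {
        int w = (format[i] == 's')
            ? snprintf(out + used, outsz - used, "%s\n", va_arg(ap, char *))
            : snprintf(out + used, outsz - used, "%d\n", va_arg(ap, int));
        if (w < 0 || (size_t)w >= outsz - used) {  /* output does not fit */
            va_end(ap);
            return -1;
        }
        used += (size_t)w;
    }
    va_end(ap);
    return nargs;
}

int main(void)
{
    char buf[64];  /* constructed calls: one matching, one short of arguments */
    printf("%d\n", SUBFUNC(buf, sizeof buf, "ds", 7, "ok"));    /* accepted */
    return SUBFUNC(buf, sizeof buf, "dddd", 1) == -1 ? 0 : 1;   /* refused */
}
```

The check covers only the argument count, not the argument types, and the counting macro handles at most seven values after the format.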