![]() |
| | #1 |
| Registered User Join Date: Nov 2009
Posts: 1
| C bufferoverflow question. can anyone solve it? Code: void func(char * str)
{
char buff[16];
strcpy(buff,str);
}
void main(int argc, char * argv[])
{
int check = 1;
func(argv);
if(check == 1)
{
printf(“check should be 1 (%d)\n”,check);
} else
{
Printf(“check should not be 1 (%d)\n”,check);
}
}
After the buffer overflow attack the output of the program should be the following: check should not be 1 (25) Q2. Mount buffer overflow attack on the given program and bypass the “if” condition. After the buffer overflow attack the output of the program should be the following: check should not be 1 (1) Q3. Increase the size of the buffer “buff” to as much as you want. Mount a buffer overflow attack and make the program execute a shell (“/bin/bash”). |
| asdfgh is offline | |
| | #2 |
| Guest Join Date: Aug 2001
Posts: 4,923
| Hint: why wouldn't this be vulnerable to a buffer overflow? Code: #include<stdio.h>
#include<stdlib.h>
#include<string.h>
#define CONSTANT 2
int main( int argc, char** argv )
{
int unused = CONSTANT;
char buffer[ CONSTANT ];
if( argc != 2 )
{
printf( "Overflow This!\n" );
printf( "Usage: %s <text>\n", *argv );
return EXIT_FAILURE;
}
strncpy( buffer, argv[ 1 ], sizeof( buffer ) );
buffer[ sizeof( buffer ) - 1 ] = 0;
printf( "Unused = %d, Buffer: '%s'\n", unused, buffer );
return EXIT_SUCCESS;
}
|
| Sebastiani is offline | |
| | #3 | |
| Registered User Join Date: Nov 2008
Posts: 75
| Quote:
| |
| MisterIO is offline | |
![]() |
| Thread Tools | |
| Display Modes | |
|
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| another do while question | kbpsu | C++ Programming | 3 | 03-23-2009 12:14 PM |
| Design layer question | mdoland | C# Programming | 0 | 10-19-2007 04:22 AM |
| A question on Pointers & Structs | FJ8II | C++ Programming | 4 | 05-28-2007 10:56 PM |
| Question type program for beginners | Kirdra | C++ Programming | 7 | 09-15-2002 05:10 AM |
| what does this warningmean??? | kreyes | C Programming | 5 | 03-04-2002 07:53 AM |