
buffer.c

Guest on 15th January 2022 05:08:21 AM

  1. /* A non-heap buffer overflow example */
  2. #include <stdio.h>
  3.  
  4. #define SUPERUSER 0
  5.  
  /*
   * Placeholder standing in for real superuser validation logic: it always
   * reports the value of the SUPERUSER macro. main() stores the result and
   * branches on it.
   */
  int get_user_permissions(void)
  {
    const int permissions = SUPERUSER;

    return permissions;
  }
  11.  
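  /*
   * Reads one whitespace-delimited answer from stdin, then branches on a
   * permission value that lives next to the input buffer in the same struct.
   *
   * The unbounded form of this read, scanf("%s", barvar.foo), is the buffer
   * overflow this example is about: "%s" has no field width, so an answer
   * longer than foo is written past the end of the array. That is undefined
   * behaviour, and because "l" follows foo in the struct the stray bytes can
   * change the permission value. The read below is bounded so that "l" only
   * ever holds what get_user_permissions() returned.
   *
   * Returns 0 in all cases.
   */
  int
  main(int argc, char **argv) {
    struct bar {
      char foo[10]; /* room for 9 characters plus the terminating NUL */
      int l;        /* permission value that selects the branch below */
    } barvar = {0};

    /* Keep the scanf field width below in step with the size of foo. */
    _Static_assert(sizeof barvar.foo == 10, "adjust the scanf width to sizeof foo - 1");

    (void)argc; /* command-line arguments are not used */
    (void)argv;

    barvar.l = get_user_permissions(); // Should keep "l" at 0

    printf("Enter the answer: ");

    /*
     * The width caps the store at 9 characters plus the NUL, so the write
     * stays inside foo whatever the input length. Anything beyond the first
     * 9 characters is left unread in stdin.
     */
    if (scanf("%9s", barvar.foo) != 1) {
      barvar.foo[0] = '\0'; /* EOF or read error: treat as an empty answer */
    }

    printf("\n%d\n", barvar.l); // With the bounded read, "l" is unchanged

    /*
     * NOTE(review): SUPERUSER is defined as 0 in this file, yet 0 selects the
     * unprivileged branch here. The macro name and the branch meaning look
     * inverted; confirm the intent.
     */
    if (barvar.l == 0) {
      // Do what I actually want
      printf("Live cautiously\n");
    } else {
      // Only superusers should be able to do this
      printf("Live dangerously\n");
    }

    return 0;
  }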
