1) Find buffer overflow bug(s) 2) fix the code by correcting all the vulnerable
Question
1) Find buffer overflow bug(s)
2) Fix the code by correcting every part that is vulnerable to buffer overflow.
#include #include
// Exercise listing as posted, unfixed: a registration form that reads six
// fields from stdin, echoes them back, and shells out through system().
// The listing is damaged on the page (stray ? characters between statements
// and an unterminated string literal in the sprintf call), so it does not
// compile as shown. Comments below mark the lines a reviewer should examine.
int main(int argc, char *argv[]) {
int i;
char buf[100];
// Fixed-size stack buffers; every write into them below needs a length bound.
char firstname[30]; char lastname[30]; char jobtitle[80]; char email[80]; char phone[15]; char company[80];
char buffer[500]; char* copyright; char *cstr; size_t needed; int n;
// Copy the first command line argument into buf if there is one.
// strncpy writes at most 100 bytes but does not add a terminating NUL when
// argv[1] is 100 bytes or longer, so buf may be left unterminated.
// buf is not read again in this listing.
if(argc>=2) {
strncpy(buf, argv[1], 100);
}
// COPYRIGHT comes from the process environment, i.e. from outside the program.
copyright = getenv("COPYRIGHT");
printf("Welcome ");
if (copyright!=NULL) {
// The buffer is sized correctly (measure with snprintf, then allocate needed+1),
// but the malloc result is not checked, and the environment value is pasted
// into a shell command line that system() hands to the shell unescaped.
needed = snprintf(NULL, 0, "echo © %s", copyright); cstr = malloc(needed+1);?snprintf(cstr, needed+1, "echo © %s", copyright); system(cstr);
free(cstr);
} else {
system("echo © 2018"); }
// gets() takes no buffer size: a line longer than the destination array
// (30, 80 or 15 bytes here) is written past its end. gets() was removed
// from the language in C11; a bounded read such as fgets is the replacement.
printf("Please fill out the registration form by answering questions below "); printf("First name:");?gets(firstname);
printf("Last name:"); gets(lastname);
printf("Job title:"); gets(jobtitle);
printf("Email:"); gets(email);
printf("Phone:"); gets(phone);
printf("Company:"); gets(company);
printf(" Your Registration Information is: "); printf("First name:%s ",firstname); printf("Last name:%s ",lastname);?printf("Job title:%s ",jobtitle); printf("Email:%s ",email); printf("Phone:%s ",phone);
printf("Company:%s ",company);
// sprintf has no bound on how much it writes into buffer[500], and the result
// is passed to system(), so the typed fields become part of a shell command.
// NOTE(review): the format string has lost its closing quote on this page, so
// the intended format and argument list cannot be recovered from here.
n=sprintf (buffer, "echo %s firstname,lastname,jobtitle,email,phone,company);
i = system(buffer);
return 0;
}
Explanation / Answer
#include <stdio.h>
#include <stdlib.h>
#include<string.h>
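/*
 * Print a prompt and read one line from stdin into dst, never writing more
 * than cap bytes (terminator included).
 *
 * The trailing newline is removed. If the typed line is longer than the
 * buffer, the stored value is truncated and the rest of the line is discarded
 * so that it cannot spill into the next field.
 *
 * Returns 0 on success, -1 if no input could be read (EOF or read error);
 * in that case dst is set to the empty string.
 */
static int read_field(const char *label, char *dst, size_t cap)
{
    int c;
    size_t len;

    if (cap == 0) {
        return -1;
    }

    fputs(label, stdout);
    fflush(stdout);

    if (fgets(dst, (int)cap, stdin) == NULL) {
        dst[0] = '\0';
        return -1;
    }

    len = strcspn(dst, "\n");
    if (dst[len] == '\n') {
        dst[len] = '\0';
        return 0;
    }

    /* No newline stored: the line was longer than the buffer (or input
     * ended). Drain what is left of it. */
    while ((c = getchar()) != '\n' && c != EOF) {
        /* discard */
    }
    return 0;
}

/*
 * Registration form: reads six fields from stdin and prints them back.
 *
 * Changes against the posted answer, which repeated the vulnerable listing
 * unchanged:
 *   - gets() is replaced by a bounded read (read_field), so an over-long
 *     line can no longer overflow firstname/lastname/jobtitle/email/phone/
 *     company.
 *   - strncpy(buf, argv[1], 100) could leave buf without a terminating NUL;
 *     snprintf always terminates.
 *   - sprintf(buffer, "echo %s ...") had a %s with no matching argument
 *     (undefined behaviour) and no size bound; it is now a bounded snprintf
 *     whose result is checked for truncation.
 *   - The COPYRIGHT environment value and the typed fields are no longer
 *     passed to system(): both are untrusted input, and pasting them into a
 *     shell command line lets them be interpreted by the shell. The text is
 *     printed directly instead, which produces the same output as echo.
 *
 * Returns 0 on success, EXIT_FAILURE if input ends early or the summary
 * line does not fit.
 */
int main(int argc, char *argv[]) {
    char buf[100] = "";
    char firstname[30];
    char lastname[30];
    char jobtitle[80];
    char email[80];
    char phone[15];
    char company[80];
    char buffer[500];
    const char *copyright;
    int n;

    /* Keep a bounded, always-terminated copy of the first argument. */
    if (argc >= 2) {
        snprintf(buf, sizeof buf, "%s", argv[1]);
    }

    copyright = getenv("COPYRIGHT");
    printf("Welcome ");
    if (copyright != NULL) {
        printf("© %s\n", copyright);
    } else {
        puts("© 2018");
    }

    printf("Please fill out the registration form by answering questions below ");
    if (read_field("First name:", firstname, sizeof firstname) != 0 ||
        read_field("Last name:", lastname, sizeof lastname) != 0 ||
        read_field("Job title:", jobtitle, sizeof jobtitle) != 0 ||
        read_field("Email:", email, sizeof email) != 0 ||
        read_field("Phone:", phone, sizeof phone) != 0 ||
        read_field("Company:", company, sizeof company) != 0) {
        fprintf(stderr, "registration: input ended before all fields were read\n");
        return EXIT_FAILURE;
    }

    printf(" Your Registration Information is: ");
    printf("First name:%s ", firstname);
    printf("Last name:%s ", lastname);
    printf("Job title:%s ", jobtitle);
    printf("Email:%s ", email);
    printf("Phone:%s ", phone);
    printf("Company:%s ", company);

    /* NOTE(review): the original format string is garbled on the page; a
     * comma-separated record of the six fields is assumed here. Confirm
     * against the assignment text. */
    n = snprintf(buffer, sizeof buffer, "%s,%s,%s,%s,%s,%s",
                 firstname, lastname, jobtitle, email, phone, company);
    if (n < 0 || (size_t)n >= sizeof buffer) {
        fprintf(stderr, "registration: summary line does not fit in buffer\n");
        return EXIT_FAILURE;
    }
    puts(buffer);

    return 0;
}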
---
output sample:-
Welcome
© 2018
Please fill out the registration form by answering questions below
First name:RAJ
Last name:JAJRA
Job title:Engineer
Email:abc
Phone:1234569
Company:ABC
Your Registration Information is:
First name:RAJ
Last name:JAJRA
Job title:Engineer
Email:abc
Phone:1234569
Company:ABC
C firstname,lastname,jobtitle,email,phone,company
---------------------------------------------------------------------------------------------
If you have any query, please feel free to ask.
Thanks a lot.