Copying too much
char buf[8]; /* tiny buffer, easy to overflow */
printf("What is your name?\n");
scanf("%s", buf); /* WRONG */
scanf("%7s", buf); /* RIGHT */
With the unbounded `%s` call, if the user enters a string longer than 7 characters (the 8-byte buffer minus 1 for the null terminator), the memory behind the buffer buf will be overwritten. This results in undefined behavior. Malicious hackers often exploit this to overwrite the return address and change it to the address of their own malicious code.
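The bounded `%7s` call stops the overflow, but the unread tail of an over-long name stays in the input stream and is returned by the next read. The following is an added example, not code from the original page, which goes one step beyond the text to show that effect next to an `fgets`-based reader that reports truncation and discards the tail. The names `read_line` and `demo` are hypothetical, and the input strings are constructed sample data.

```c
#include <stdio.h>
#include <string.h>

/* Read one line into buf (size bytes, terminator included). Returns 0 if the
 * line fit, 1 if it was truncated, -1 on EOF or error. The unread tail of an
 * over-long line is discarded so it cannot show up in the next read. */
int read_line(FILE *in, char *buf, int size)
{
    if (size < 2 || fgets(buf, size, in) == NULL)
        return -1;
    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {          /* newline stored: complete line */
        buf[len] = '\0';
        return 0;
    }
    int c, truncated = 0;            /* no newline: drain to end of line */
    while ((c = fgetc(in)) != EOF && c != '\n')
        truncated = 1;
    return truncated;
}

/* Run two consecutive reads into 8-byte buffers over constructed input.
 * use_scanf selects the "%7s" call, otherwise read_line() is used.
 * Returns the result of the first read (-1 if no temporary file). */
int demo(int use_scanf, const char *input, char first[8], char second[8])
{
    FILE *f = tmpfile();             /* stands in for stdin */
    if (f == NULL)
        return -1;
    fputs(input, f);
    rewind(f);
    first[0] = second[0] = '\0';
    int r = use_scanf ? fscanf(f, "%7s", first) : read_line(f, first, 8);
    if (use_scanf ? (fscanf(f, "%7s", second) != 1) : (read_line(f, second, 8) < 0))
        second[0] = '\0';
    fclose(f);
    return r;
}

int main(void)
{
    char a[8], b[8];
    int r = demo(1, "Alexandria\nBob\n", a, b);   /* constructed sample input */
    printf("scanf %%7s: %d \"%s\" then \"%s\"\n", r, a, b);
    r = demo(0, "Alexandria\nBob\n", a, b);
    printf("read_line: %d \"%s\" then \"%s\"\n", r, a, b);
    return 0;
}
```

The width in a `scanf` format has to be written as a literal one less than the buffer size, so it must be updated by hand whenever the buffer size changes.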