4. Consider the following C code fragment: 1 int 2 main(int argc, char **argv) 3 { 4 = 8 5 char Ibuf [1024] = { 0, }; 6 7 (void) read (STDIN_FILENO, Ibuf, 1023); (void) foobar (Ibuf); 9 10 exit (0); 11 } 12 13 int 14 bar (char *arg) 15 { 16 17 char msg [1024] { 0, }; 18 19 snprintf(msg, 1023, arg); 20 return write (STDOUT_FILENO, msg, strlen (msg)); 21 } 22 23 void foobar (char *arg) { return bar(arg); } = a. Give a thorough description of the program's vulnerability. In particular, name the vulnerability (1 mark) and provide a detailed overview of its exploitation (3 marks). Then, identify and explain thoroughly all the components that are involved in the exploit (4 marks). [8 marks] b. How would an attacker exploit the vulnerability? Hint: describe in detail what the injection vector would look like (and what retaddr and retloc the attacker may use). Use symbolic values and addresses when needed (no need to write down the shellcode). [10 marks] c. Would StackGuard or a bounds checker mitigate the vulnerability (1 mark)? Explain clearly the reasons (4 marks). [5 marks) d. How can the program be fixed? [2 marks]