Question
For my question I have two samples of my code. I need to know what vulnerability I've got in each of them, how this could potentially be exploited by an attacker, as well as what fixes I could implement to fix it. Can you please include the fixes written in C?
Part one of code:
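    #include <string.h>

    #define BUFFER_LENGTH 15

    /* Assumed to be defined elsewhere in the program. */
    extern const char *savedPassword;
    void grant_permission(void);

    void chk_permission(char *str)
    {
        char buf[BUFFER_LENGTH];
        int pass = 0;

        strcpy(buf, str);   /* copies the whole argument into the 15-byte buffer */
        if (strcmp(buf, savedPassword) == 0)   // match found
        {
            pass = 1;
        }
        if (pass)
        {
            grant_permission();
        }
    }

    int main(int argc, char *argv[])
    {
        chk_permission(argv[1]);
    }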
Part 2 of code: (Pretty sure this is vulnerable to an SQL injection attack, but please let me know if I am right)

    public static void main(String args[]) {
        try {
            //... Database connection created and established .... ...//
            // The request parameter is concatenated directly into the query text.
            String sql_query = session.createQuery("SELECT * FROM accounts WHERE custID='" + request.getParameter("id") + "'");
            stmt.executeQuery(sql_query);
            c.commit();
        } catch (Exception e) {
            System.exit(0);
        }
    }
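A hardened form of part one, as an added example that is not part of the original question: the unchecked strcpy into the 15-byte buf is replaced by a length check before a bounded copy, and a missing argv[1] is rejected. The savedPassword value, the grant_permission body and the password_matches helper are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUFFER_LENGTH 15

/* Constructed stand-ins for the question's savedPassword and
 * grant_permission(), which the original snippet does not define. */
static const char *savedPassword = "example-pass";
static int granted = 0;
static void grant_permission(void) { granted = 1; }

/* Hypothetical helper: returns 1 only when input is a non-NULL string
 * that fits in the buffer (terminator included) and equals saved. */
int password_matches(const char *input, const char *saved)
{
    char buf[BUFFER_LENGTH];
    const char *end;
    size_t len;

    if (input == NULL || saved == NULL)
        return 0;

    /* Look for the terminator within the first BUFFER_LENGTH bytes only,
     * so an oversized argument is rejected before any copy takes place. */
    end = memchr(input, '\0', BUFFER_LENGTH);
    if (end == NULL)
        return 0;
    len = (size_t)(end - input);

    memcpy(buf, input, len + 1);   /* len + 1 <= BUFFER_LENGTH */
    return strcmp(buf, saved) == 0;
}

int chk_permission(const char *str)
{
    if (!password_matches(str, savedPassword))
        return 0;
    grant_permission();            /* reached only on an exact match */
    return 1;
}

int main(int argc, char *argv[])
{
    if (argc != 2) {               /* argv[1] is NULL when no argument is given */
        fputs("usage: <program> <password>\n", stderr);
        return 2;
    }
    return chk_permission(argv[1]) ? 0 : 1;
}
```

With the length check in place, the local pass flag of the original is no longer needed: the decision comes from the function's return value rather than from a variable stored next to the buffer.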