Question
#include #include int authenticate(){ /* Using a struct for the local variables forces them */ /* to be created in a particular order on the
#include
int authenticate(){
/* Using a struct for the local variables forces them */ /* to be created in a particular order on the stack. */ /* Otherwise, the compiler is free to create them in */ /* any order it likes. */ struct { char password[7]; char auth; } locals;
/* Until the user authenticates, set the auth flag to */ /* FALSE. (In C, 0 == FALSE, and any nonzero value */ /* equates to TRUE.) */ locals.auth = 0;
/* Prompt the user for their password and store it */ printf("Please enter your password:"); gets(locals.password);
/* Compare the password entered to the true password. */ /* If they match, set the auth flag to TRUE. */ if (!strcmp("secret", locals.password)) { locals.auth = 1; }
/* Return the auth flag (0 or 1) to the caller. */ return locals.auth; }
int main(){
/* Check if the user correctly authenticated */ if (authenticate()) {
/* If so, print an appropriate message. */ printf("User authenticated. ");
/* Otherwise, let them know. */ } else { printf("INCORRECT! "); }
}
- Which line of code in this file is the source of the buffer overflow vulnerability?
- Which variable is subject to overflow?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Spatio Temporal Database Management International Workshop Stdbm 99 Edinburgh Scotland September 10 11 1999 Proceedings Lncs 1678
Authors: Michael H. Bohlen ,Christian S. Jensen ,Michel O. Scholl
1999th Edition
3540664017, 978-3540664017
