Let us consider the following program, where the copy function is a (naive) attempt to protect the execution against buffer overflow vulnerabilities:

void copy(char b[] , int l){

// b is a string and l is its length

char t[16] ; //16 bytes

int ok ; // 4 bytes

if (l > 15)

ok = 0 ;

else

ok = 1;

strcpy(t, b); //copy b into t

if (ok ==0) { // a buffer overflow did occur in t

printf("a buffer overflow occurred !");

exit(0);

} else //t contains no more than 15 characters (no overflow)

foo(t);

}

int main(){

char buf [24]

scanf("%$", buf) ; //read a string value from the user into buf

copy(buf, strlen(buf)) ; // strlen(buf) is the number of characters in buf

/*...*/

return 0;

}

(a) This program is not secure : there exists a user input allowing to call foo with an array argument t containing more than 15 characters. Give an example of such input.