Q$\mathrm{.}8.($Marks: $10)$

#include #include #include int foo$($char $*$str$)$

$\{$ char buffer$[100]$; $/*$ The following statement has a buffer overflow problem $*/$ strcpy$($buffer$,$ str$)$; return $1$;

int main$($int argc, char $**$argv$)$

char str$[400]$;

FILE $*$badfile;

badfile $=$ fopen$("$badfile$","$r$")$;$"$

fread$($str$,$ sizeof$($char$),300,$ badfile$)$;

foo$($str$)$;

printf$("$Returned Properly

$")$;

return $1$;

In the above given sample code expalin how you would perform a bufferoverflow attack. Draw a detailed diagram of position of variables placed on the stack. Finally also explain how canary based protection mechanism can be used as defense.