As the title implies, entering a lengthy string can cause a segmentation fault. Using scanf("%s") without specifying the maximum length of the input string can be hazardous, and I suggest taking measures to address this issue. One way to accomplish this is to indicate the maximum length of the string that will be received. For instance, if the buffer size is 50, using scanf("%49s") will ensure that at most 49 characters are read into the buffer.
It's also good practice to check the return value of scanf to make sure that the expected number of input items has been successfully read. If scanf returns a value less than the number of expected input items, an error or end-of-file condition occurred.
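The unbounded read described above beside the bounded, return-value-checked replacement, as an added example that is not code from the original report. It assumes a POSIX libc (fmemopen) so the constructed input can be fed in offline.

```c
#define _POSIX_C_SOURCE 200809L   /* for fmemopen */
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 50               /* the 50-byte buffer from the report */

static char word[BUF_SIZE];       /* destination buffer for the demo */

/* Vulnerable pattern: "%s" carries no width, so a token longer than 49
 * characters overruns `buf` (the stack smash shown in the report).
 * Kept only for side-by-side comparison; not called by the demo. */
int read_word_unbounded(FILE *in, char *buf) {
    return fscanf(in, "%s", buf);
}

/* Hardened pattern: the width is the buffer size minus one (room for the
 * terminating NUL), built from `size` so it cannot drift from the buffer,
 * and the return value is checked (1 item expected). Returns 1 on success,
 * 0 on EOF/error with `buf` left as an empty string. */
int read_word_bounded(FILE *in, char *buf, size_t size) {
    char fmt[16];
    if (size < 2) return 0;
    snprintf(fmt, sizeof fmt, "%%%zus", size - 1);   /* "%49s" for size 50 */
    if (fscanf(in, fmt, buf) != 1) {
        buf[0] = '\0';
        return 0;
    }
    return 1;
}

/* Run the bounded reader over a constructed in-memory input (fmemopen,
 * POSIX). Returns the number of characters stored, or -1 on failure. */
int demo_bounded(const char *input) {
    FILE *in = fmemopen((void *)input, strlen(input), "r");
    if (!in) return -1;
    int ok = read_word_bounded(in, word, sizeof word);
    fclose(in);
    return ok ? (int)strlen(word) : -1;
}

const char *last_word(void) { return word; }

int main(void) {
    /* A 60-character token is truncated to 49; the rest stays in the stream. */
    int n = demo_bounded("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    printf("stored %d chars: %s\n", n, last_word());
    return 0;
}
```

Note that the width only protects the buffer: characters beyond it remain unread in the stream, so a following scanf call will pick them up unless the rest of the line is drained.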
Proof of segfault:
In gdb:
As is evident, control of the rip register can open the door to Remote Code Execution (RCE).
Using sprintf() is also dangerous and should be avoided.