Category: Overflow  

Definitions:

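Buffer Overflow - Occurs when a program writes more data into an array than it can hold, as when it uses gets(), which reads all available data into the array without checking bounds.
Bounds Checking - Verifying that data fits in the buffer before writing it. gets() does no bounds checking on the buffer.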

What You Should Not Do

Do not use gets() to read data. This can cause indeterminate program behavior (usually leading to a segfault), or allow the program's flow to be hijacked.

#include <stdio.h>
#include <string.h>

int main(void)
{
  char buffer[16];
  int pass = 0;

  printf("\n Enter the password : \n");
  /* Deliberately unsafe: gets() cannot know that buffer holds only 16 bytes
     (the function was removed from the C standard in C11). */
  if (gets(buffer) != NULL)
  {
    if (strcmp(buffer, "thegeekstuff"))
    {
      printf("\n Wrong Password \n");
    }
    else
    {
      printf("\n Correct Password \n");
      pass = 1;
    }

    if (pass)
    {
      /* Admin rights given to the user */
      printf("\n You are root \n");
    }
  }
  return 0;
}

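Here gets() does no bounds checking on the buffer, so input longer than 15 characters is written past the end of buffer and can overwrite the adjacent variable pass with a non-zero value. This leads to the user gaining admin rights even if the password entered is wrong. For example, the user enters the following string as the password:

pppppppppppppppppppp

The output is going to be as follows:

Wrong Password
You are root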

What You Should Do

Use fgets(), which is a buffer-safe function: it is given the size of the buffer and does not write past it.

fgets(buffer, sizeof(buffer), stdin);
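The password check above rewritten around fgets(), as an added example that is not part of the original page. The helper names read_line and check_password are assumptions; the block also handles the two details the one-line fix leaves open: fgets() keeps the trailing newline, and it leaves the unread tail of an over-long line in the input stream.

```c
#include <stdio.h>
#include <string.h>

#define PASSWORD "thegeekstuff"   /* same literal as the page's example */

/* Hypothetical helper: read one line into buf (capacity size).
 * Returns 0 on success, -1 on EOF/error, -2 if the line did not fit. */
static int read_line(FILE *in, char *buf, size_t size)
{
    if (fgets(buf, (int)size, in) == NULL)
        return -1;

    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {          /* whole line fit: strip the newline */
        buf[len] = '\0';
        return 0;
    }

    /* No newline stored: the line was too long, or input ended without one. */
    int c, extra = 0;
    while ((c = getc(in)) != '\n' && c != EOF)
        extra = 1;                   /* drain so the next read starts clean */
    return extra ? -2 : 0;
}

/* Hypothetical helper: returns 1 only when the full line equals PASSWORD. */
int check_password(FILE *in)
{
    char buffer[16];

    if (read_line(in, buffer, sizeof buffer) != 0)
        return 0;                    /* EOF, error or over-long input: reject */
    return strcmp(buffer, PASSWORD) == 0;
}

int main(void)
{
    printf("\n Enter the password : \n");
    if (check_password(stdin))
        printf("\n Correct Password \n\n You are root \n");
    else
        printf("\n Wrong Password \n");
    return 0;
}
```

Over-long input is rejected outright rather than compared after truncation, and the access decision is the function's return value instead of a flag stored next to the buffer.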

Concept Map

This example refers to points C (Do not use input or constructor string functions that do not perform in such a way that it can happen) and D (Do not use input or constructor functions that cannot check the length of the input). This maps to Bad Code and Input in the concept map.

 
 