[SPCA] Vulnerabilities

2026-03-14 23:10:03 +01:00 · 2026-01-13 17:26:14 +01:00
parent 42d368525f
commit 738115f0b3
6 changed files with 71 additions and 1 deletions
--- a/semester3/spca/code-examples/00_c/05_vulnerabilities/01_buffer_overflow_echo.c
+++ b/semester3/spca/code-examples/00_c/05_vulnerabilities/01_buffer_overflow_echo.c
@@ -0,0 +1,14 @@
+#include <stdio.h>
+
+void echo() {
+    char buf[4];    // Limited size
+    gets(buf);      // Assumes size matches, does not check!
+    puts(buf);      
+}
+
+int main()
+{
+    printf("Type a string:");   // No size check enforced!
+    echo();
+    return 0;
+}
--- a/semester3/spca/code-examples/00_c/05_vulnerabilities/02_buffer_overflow_echo_asm.s
+++ b/semester3/spca/code-examples/00_c/05_vulnerabilities/02_buffer_overflow_echo_asm.s
@@ -0,0 +1,8 @@
+echo:
+    subq $24, %rsp      # Allocate stack space for buf  
+    movq %rsp, %rdi
+    call gets
+    movq %rsp, %rdi
+    call puts
+    addq $24, %rsp
+    ret