Makefile: make test

overflow.c: commented out the vulnerable function

3 files changed, 15 insertions, 6 deletions

diff --git a/.gitignore b/.gitignore
index 59c431e..15bd5e2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,2 @@
 /exploit
 /overflow
-/.project
diff --git a/Makefile b/Makefile
index 184e3c8..c9c42dc 100755..100644
--- a/Makefile
+++ b/Makefile
@@ -10,6 +10,16 @@ overflow:
 	@echo 'building overflow'
 	gcc -Wall -m32 -mpreferred-stack-boundary=2 -g -fno-stack-protector overflow.c -o overflow
 
+test: overflow
+	@if [ -x /usr/bin/python ]; then \
+	  ./overflow `python -c 'print "A"*5000'`; \
+	else \
+	  echo 'Missing PYTHON; not testing'; \
+	fi
+	@echo 'TEST FAILED: ./overflow not segfaulting'
+
 clean:
-	-$(RM) overflow exploit
+	-$(RM) -f overflow exploit
 	-@echo ' '
+
+.PHONY: all clean
diff --git a/overflow.c b/overflow.c
index 1e33b2d..8c50e07 100644
--- a/overflow.c
+++ b/overflow.c
@@ -10,7 +10,7 @@
 #include <string.h>
 
 #define ENV_VAR   "EXPLOIT"
-#define BUFLEN    2
+#define BUFLEN    10
 
 char buf[BUFLEN];
 char *env;
@@ -22,14 +22,14 @@ main(int argc, char **argv)
   if (argc > 1)
     {
       fprintf(stderr, "arg0: %s\n", argv[1]);
-
+      /* possible stack overflow via command line */
       strcpy(buf, argv[1]);
     }
   else if ((env = getenv(ENV_VAR)))
     {
       fprintf(stderr, "env_var: "ENV_VAR"\n");
       fprintf(stderr, "env: %s\n", env);
-
+      /* possible stack overflow via enviroment variable */
       strcpy(buf, env);
     }
   else
@@ -38,7 +38,7 @@ main(int argc, char **argv)
       return(1);
     }
 
-  printf("buf: %p\n", buf);
+  printf("*buf: %p\n", buf);
 
   return (0);
 }