Makefile: make test

overflow.c: commented out the vulnerable function
author: toni <matzeton@googlemail.com> 2013-03-05 13:31:55 +0100
committer: toni <matzeton@googlemail.com> 2013-03-05 13:31:55 +0100
commit: 664c8f1794db0c1f4ebafab955baaba04fc35ec2 (patch)
tree: 73f702ba64676dac111069c2c94bc195b956616a /overflow.c
parent: 8470dfca39fca5c5c72ea368fcdce6a445305a14 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/overflow.c b/overflow.c
index 1e33b2d..8c50e07 100644
--- a/overflow.c
+++ b/overflow.c
@@ -10,7 +10,7 @@
 #include <string.h>
 
 #define ENV_VAR   "EXPLOIT"
-#define BUFLEN    2
+#define BUFLEN    10
 
 char buf[BUFLEN];
 char *env;
@@ -22,14 +22,14 @@ main(int argc, char **argv)
   if (argc > 1)
     {
       fprintf(stderr, "arg0: %s\n", argv[1]);
-
+      /* possible stack overflow via command line */
       strcpy(buf, argv[1]);
     }
   else if ((env = getenv(ENV_VAR)))
     {
       fprintf(stderr, "env_var: "ENV_VAR"\n");
       fprintf(stderr, "env: %s\n", env);
-
+      /* possible stack overflow via enviroment variable */
       strcpy(buf, env);
     }
   else
@@ -38,7 +38,7 @@ main(int argc, char **argv)
       return(1);
     }
 
-  printf("buf: %p\n", buf);
+  printf("*buf: %p\n", buf);
 
   return (0);
 }
author	toni <matzeton@googlemail.com>	2013-03-05 13:31:55 +0100
committer	toni <matzeton@googlemail.com>	2013-03-05 13:31:55 +0100
commit	664c8f1794db0c1f4ebafab955baaba04fc35ec2 (patch)
tree	73f702ba64676dac111069c2c94bc195b956616a /overflow.c
parent	8470dfca39fca5c5c72ea368fcdce6a445305a14 (diff)