Created
March 25, 2017 20:50
-
-
Save masbog/2ef3534dad3a654365ce4384f70325c6 to your computer and use it in GitHub Desktop.
Mobile Top 10 2016-M7-Poor Code Quality example (buffer overflows, format string vulnerabilities)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| int main(int argc, char **argv) | |
| { | |
| char text[1024]; | |
| static int some_value = -72; | |
| strcpy(text, argv[1]); /* ignore the buffer overflow here */ | |
| printf("This is how you print correctly:\n"); | |
| printf("%s", text); | |
| printf("This is how not to print:\n"); | |
| printf(text); | |
| printf("some_value @ 0x%08x = %d [0x%08x]", &some_value, some_value, some_value); | |
| return(0); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment