HomeworkLib
Question

Fix the code below to make it so that it is not vulernable to stack buffer overflow

void gctinp (ohar *inp, int siz) puts (Input value: ) fgets (inp, siz, stdin) printf(buffer3 getinp read %s\n, inp); void display (char val) char tmp [16]; sprintf(tmp, read val : puts (tmp); %s\n, val); int main(int argc, char *argv []) char buf [16]; getinp (buf, sizeof (buf)) display (buf); printf (buffer3 done In)

engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

Program code screenshot:

// Declare the required header file #include <stdio.h> #include <string.h> #include <stdlib.h> // ****** Modify this functionSample output:

111) ? clang-7 -pthread -lm -o main main.c } ./main Input value: Sunny day read value: Sunny day Buffer Done? clang-7 -pthread -lm -o main main.c ./main Input value: If you want your children to listen, try talking softly to someone

Program code to copy:

// Declare the required header file

#include <stdio.h>

#include <string.h>

#include <stdlib.h>

// ****** Modify this function ******* //

// Declare the get input function

void gctinp(char * inp, int siz)

{

    // Declare the required variables

    char * input_string;

    int count = 0;

    char c;

    // Ask from the user to

    // prompt the input value

    puts("Input value: ");

    scanf("%c", &c);

    // while loop to check the condition

    while(c != '\n')

    {

        // check the stack count is equal to 16

        if(count == 16)

        {

            // Display the message stack is over floe

            printf("ERROR: Stack OverFlow!!\n");

            return;

        }

        // When stack is zero

        if (count == 0)

        {

            // input the string size

            input_string = (char *)malloc(sizeof(char)*1);

        }

        // otherwise

        else

        {

            // increment the stack size

            input_string = (char*)realloc(input_string, sizeof(char)*count+1);

        }

        // assign the stack char

        input_string[count] = c;

        // increment the stack

        count++;

        // display the stack

        scanf("%c", &c);

    }

  

     // copy the stack size

    strcpy(inp, input_string);

}

// Create a display function

void display(char * val)

{

// Declare the required char array temp

    char temp[16];

    // Display the message

    sprintf(temp,"read value: %s \n",val);

    // puts the temp value

    puts(temp);

}

// Create a main function of the program

int main()

{

// Declare the required variables

    char buf[16];

    // call the gctinp function

    gctinp(buf,sizeof(buf));

    // Display the function

    display(buf);

    // Display message buffer is done

    printf("Buffer Done");

}

0 0
Add a comment
Know the answer?
Add Answer to:
Fix the code below to make it so that it is not vulernable to stack buffer...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • 8. Rewrite the function shown below so that it is no longer vulnerable to a stack...

    8. Rewrite the function shown below so that it is no longer vulnerable to a stack buffer overflow i void gctinp (ohar *inp, int siz) puts (" Input value "); fgets (inp, siz, stdin); printf("buffer3 getinp read %s\n", inp); 3 4 6 7 void display (char *val) 8 9 10 char tmp [16]; sprintf(tmp, "read val: puts (tmp); %s\n", val); 12 13 int main(int argc, char *argv []) 14 15 16 char buf [16]; getinp (buf, sizeof (buf)); 17 18...

  • Combine two codes (code 1) to get names with(code 2) to get info: Code 1: #include<unistd.h>...

    Combine two codes (code 1) to get names with(code 2) to get info: Code 1: #include<unistd.h> #include<sys/types.h> #include<sys/stat.h> #include<fcntl.h> #include<dirent.h> #include<stdio.h> #include<stdlib.h> void do_ls(char []); int main(int argc,char *argv[]) { if(argc == 1) do_ls("."); else while(--argc){ printf("%s:\n",*++argv); do_ls(*argv); } } void do_ls(char dirname[]) { DIR *dir_ptr; struct dirent *direntp; if((dir_ptr = opendir(dirname)) == NULL) fprintf(stderr,"ls1:cannot open %s\n",dirname); else { while((direntp = readdir(dir_ptr)) != NULL) printf("%s\n",direntp->d_name); closedir(dir_ptr); } } ____________________________ code 2: #include <stdio.h> #include <sys/types.h> #include <sys/stat.h> void show_stat_info(char *,...

  • Run the code in Linux and provide the screenshot of the output and input #include <signal.h>...

    Run the code in Linux and provide the screenshot of the output and input #include <signal.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <arpa/inet.h> #include <sys/types.h> #include <sys/socket.h> static void cleanup(); static void docleanup(int signum); static const char *SERVER_ADDR = "127.0.0.1"; static const int SERVER_PORT = 61234; static int cfd = -1; int main(int argc, char *argv[]) { struct sockaddr_in saddr; char buf[128]; int bufsize = 128, bytesread; struct sigaction sigact; printf("client starts running ...\n"); atexit(cleanup); sigact.sa_handler =...

  • How to create different files to test whether it passes the serial number checking. (Hint: need...

    How to create different files to test whether it passes the serial number checking. (Hint: need a hex editor.) please provide two files, one pass, one cannot pass C code: ---------------------------------------------- #include <stdio.h> #include <string.h> int chkserial(char *s) { char buffer[16]; strcpy(buffer, s); return strcmp(buffer, "cs780880"); } void fullversion() { printf("Thanks for purchasing! Enjoy the full-version software!\n"); } void trialversion() { printf("This is a trial version. Please purchase the full version to enable all features!\n"); } int main(int argc, char...

  • Convert C to C++ I need these 4 C file code convert to C++. Please Convert...

    Convert C to C++ I need these 4 C file code convert to C++. Please Convert it to C++ //////first C file: Wunzip.c #include int main(int argc, char* argv[]) { if(argc ==1){ printf("wunzip: file1 [file2 ...]\n"); return 1; } else{ for(int i =1; i< argc;i++){ int num=-1; int numout=-1; int c; int c1;    FILE* file = fopen(argv[i],"rb"); if(file == NULL){ printf("Cannot Open File\n"); return 1; } else{ while(numout != 0){    numout = fread(&num, sizeof(int), 1, file);    c...

  • Modify the client server system program given below so that instead of sendto() and recvfrom(), you...

    Modify the client server system program given below so that instead of sendto() and recvfrom(), you use connect() and un-addresssed write() and read() calls. //Server.c #include #include #include #include #include #include #include #include #include #include # define PortNo 4567 # define BUFFER 1024 int main(int argc, char ** argv) { int ssd; int n; socklen_t len; char msg[BUFFER]; char clientmsg[BUFFER]; struct sockaddr_in server; struct sockaddr_in client; int max_iterations = 0; int count = 0, totalChar = 0, i = 0;...

  • The original code using the gets() function is written below. You need to do (a) change...

    The original code using the gets() function is written below. You need to do (a) change the provided code so that you now use fgets() function to obtain input from the user instead of gets(), (b) make any other necessary changes in the code because of using fgets() function, and (c) fill in the code for the execute() function so that the whole program works as expected (a simple shell program). Note: part c is already done, and the execute...

  • Assume I don't understand C++ Can someone explain this program to me Line by Line? Basically...

    Assume I don't understand C++ Can someone explain this program to me Line by Line? Basically what each line actually does? whats the function? whats the point? Don't tell me what the program does as a whole, I need to understand what each line does in this program. #include #include #include #include #include #define SERVER_PORT 5432 #define MAX_LINE 256 int main(int argc, char * argv[]) {    FILE *fp;    struct hostent *hp;    struct sockaddr_in sin;    char *host;...

  • Below is a basic implementation of the Linux command "cat". This command is used to print...

    Below is a basic implementation of the Linux command "cat". This command is used to print the contents of a file on the console/terminal window. #include <stdio.h> #include <stdlib.h> int main(int argc, char* argv[]) {FILE *fp; if(2 != argc) {priritf ("Usage: cat <filename>\n"); exit(1);} if ((fp = fopen(argv[1], "r")) == NULL) {fprintf (stderr, "Can't. open input file %s\n", argv[1]); exit (1);} char buffer[256]; while (fgets(X, 256, fp) != NULL) fprintf(Y, "%s", buffer); fclose(Z); return 0;} Which one of the following...

  • can someone help me with changing this to c++ language #include <stdlib.h> #include <stdio.h> #include <pthread.h>...

    can someone help me with changing this to c++ language #include <stdlib.h> #include <stdio.h> #include <pthread.h> #include <string.h> #include <dirent.h> #include <sys/wait.h> #include <time.h> #include <sys/stat.h> #include <unistd.h> char *pathLog; char *pathRep;    struct stat attr; int fileNum, curNum; char *create_logPath(char *directory);    void *funcChecker(void *pathSub); void *funcprintTimeAndChanges(void *pathSub);    void main(int argc, char *argv[]) {    if(argc < 3)    { printf("%s must be executed with exactly two additional arguments (pathRep, pathSub)!\n", argv[0]); printf("Typed count is %d\n", argc); printf("Aborted...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT