(feat): vulnerable code
This commit is contained in:
parent
5ba7913720
commit
9fbee26d4e
2
Makefile
2
Makefile
@ -1,7 +1,7 @@
|
||||
TARGET := out.bin
|
||||
CC := gcc
|
||||
STD := c89
|
||||
CFLAGS := -fno-stack-protector
|
||||
CFLAGS := -ggdb -fno-stack-protector
|
||||
|
||||
$(TARGET): clean
|
||||
$(CC) -std=$(STD) $(CFLAGS) draft.c -o $(TARGET)
|
||||
|
19
draft.c
19
draft.c
@ -1,12 +1,23 @@
|
||||
#include <stdio.h> // printf, gets
|
||||
#include <stdio.h> /* printf, gets */
|
||||
|
||||
void do_something() {
|
||||
#define BUF_SZ 8 /* Something small, easy to exploit */
|
||||
|
||||
void get_rich_fast() {
|
||||
printf("woohoo!!! free money");
|
||||
}
|
||||
|
||||
void get_input() {
|
||||
/* Declare the buffer we want to put the input in. */
|
||||
char buf[BUF_SZ];
|
||||
/* Deprecated function, gets(char*);
|
||||
Replaced by "fgets" because of, well, insecurity. */
|
||||
gets(buf);
|
||||
}
|
||||
|
||||
int main() {
|
||||
// Exit code 0.
|
||||
/* Call our horrible function. */
|
||||
get_input();
|
||||
/* Exit code 0. */
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user