
Segmentation fault #13

Open
Zerotistic opened this issue Mar 8, 2023 · 1 comment

@Zerotistic

As the title implies, entering a lengthy string can cause a segmentation fault. Using scanf("%s") without specifying the maximum length of the input string can be hazardous, and I suggest taking measures to address this issue. One way to accomplish this is to indicate the maximum length of the string that will be received. For instance, if the buffer size is 50, using scanf("%49s") will ensure that at most 49 characters are read into the buffer.
It's also a good practice to check the return value of scanf to make sure that the expected number of input items has been successfully read. If scanf returns a value less than the number of expected input items, it means that there was an error or end-of-file condition.

Proof of segfault: (screenshot)

In gdb: (screenshot)
As is evident, gaining control of the rip register can result in the possibility of Remote Code Execution (RCE).

Using sprintf() is also dangerous and should be avoided.
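The two patterns the report contrasts, as an added example that is not part of the issue or of the project's own code: the unbounded `%s` read beside a reader that derives the field width from the buffer size and checks the return value. It assumes `sscanf` as a stand-in for `scanf` so the inputs can be constructed strings; `read_token_safe`, `safe_read_len` and `long_token_len` are hypothetical helper names, and `BUF_SIZE` is the 50-byte buffer the comment uses as its example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_SIZE 50   /* the 50-byte buffer used as the example in the issue */

/* Vulnerable pattern from the issue (sscanf stands in for scanf so the input
 * can be a string): no field width, so every non-whitespace byte of the
 * token is copied into buf regardless of its size. Kept only for contrast;
 * never call it on input longer than BUF_SIZE-1. */
static int read_token_unsafe(const char *input, char buf[BUF_SIZE])
{
    return sscanf(input, "%s", buf);   /* same defect as scanf("%s", buf) */
}

/* Hardened form. A field width of buflen-1 caps the copy and leaves room for
 * the terminating NUL; the return value is checked so an empty or
 * whitespace-only input is reported instead of leaving buf with stale bytes.
 * Returns 1 when a token was stored, 0 when none was found, -1 on bad args. */
static int read_token_safe(const char *input, char *buf, size_t buflen)
{
    char fmt[32];

    if (input == NULL || buf == NULL || buflen < 2)
        return -1;
    /* Build "%49s" for a 50-byte buffer. snprintf(), not sprintf(), so the
     * format buffer cannot itself overflow. */
    snprintf(fmt, sizeof fmt, "%%%zus", buflen - 1);
    buf[0] = '\0';
    if (sscanf(input, fmt, buf) != 1)   /* 0 = no match, EOF = nothing left */
        return 0;
    return 1;
}

/* Helper (hypothetical): read 'input' into a freshly allocated bufsize-byte
 * buffer with the safe reader; returns the stored token length, or -1 if no
 * token was stored. */
static int safe_read_len(const char *input, size_t bufsize)
{
    char *buf = malloc(bufsize);
    int len = -1;

    if (buf == NULL)
        return -1;
    if (read_token_safe(input, buf, bufsize) == 1)
        len = (int)strlen(buf);
    free(buf);
    return len;
}

/* Helper (hypothetical): constructed input of n 'A's followed by " tail";
 * returns how many bytes the safe reader stores in a bufsize-byte buffer. */
static int long_token_len(size_t n, size_t bufsize)
{
    char *input = malloc(n + sizeof " tail");
    int len;

    if (input == NULL)
        return -1;
    memset(input, 'A', n);
    memcpy(input + n, " tail", sizeof " tail");   /* copies the NUL too */
    len = safe_read_len(input, bufsize);
    free(input);
    return len;
}

int main(void)
{
    char buf[BUF_SIZE];

    /* The fix the issue asks for, applied to real stdin: width 49 for a
     * 50-byte buffer, and the return value checked. */
    if (scanf("%49s", buf) != 1) {
        fputs("no input\n", stderr);
        return 1;
    }
    printf("read %zu bytes: %s\n", strlen(buf), buf);
    if (strlen(buf) == BUF_SIZE - 1)
        fputs("warning: input may have been truncated\n", stderr);
    (void)read_token_unsafe;   /* shown for contrast, deliberately not run */
    return 0;
}
```

Note that the width only stops the overflow; a 500-byte token still leaves the remaining bytes in the stream, so a caller that loops on `scanf` should treat a full buffer as possible truncation and drain or reject the rest, as the `main` above flags.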

@AvirukBasak

I can give this a shot, wanna assign me?
