His program is vulnerable to a __________ attack

John works as a C programmer. He develops the following C program:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf(“Executed\n”);
return 1;
}
His program is vulnerable to a __________ attack.

John works as a C programmer. He develops the following C program:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf(“Executed\n”);
return 1;
}
His program is vulnerable to a __________ attack.

A.
SQL injection

B.
Denial-of-Service

C.
Buffer overflow

D.
Cross site scripting

Explanation:

This program takes a user-supplied string and copies it into ‘buffer1’, which can hold up to 10
bytes of data. If a user sends more than 10 bytes, it would result in a buffer overflow.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


John Smith

John Smith

C

The string getting passed into the buffer is not sanitised