October 22, 2024
C++

Buffer Overflow – 8 Bytes


I would like to overflow the buffer of the input_password such that the admin_password is equal to the input_password.

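#include <stdio.h>
#include <string.h>

/* generate_random_string() and entry() belong to the task and are not shown. */
int main() {
    long int is_admin = 0;
    char input_password[8];
    char admin_password[8];

    memset(&input_password, 0, 8);
    generate_random_string(admin_password, 7);

    printf("\nEnter your password: ");
    /* field width 8: up to 8 characters are stored, then a terminating NUL */
    scanf("%8s", input_password);

    /* only the first 7 characters are compared */
    if (strncmp(input_password, admin_password, 7) == 0) {
        is_admin = 1;
    }

    /* menu loop: runs until entry() returns 0 */
    while (1) {
        if (entry(is_admin) == 0) {
            break;
        }
    }

    return 0;
}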

I would like to overflow the buffer of input_password when the user inputs it such that the admin_password is overwritten to be the same as the input_password.

I have tried to do so by using more than 8 bytes to overflow the input_password, but it seems the extra bytes just go into the input of entry(), which is another function to be utilised. How should I perform the buffer overflow correctly? Thanks a lot!

Edit: scanf("%8s", …) is provided and I cannot change the code given; the task is to try to overflow the buffer given the source code. The entry() program takes an input from 1 to 5 and does the corresponding add / view / delete / refresh / exit function. For example, when I input "AAAAAAAAAAAAAAAA", the input password is read as "AAAAAAAA" but the remainder of the input is used in the entry() function, which shows invalid input as it only takes 1 to 5 as input for the function.
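
An added example, not part of the original post or of the task's code: the `%8s` conversion in the posted source stores up to 8 characters plus a terminating NUL, which is one byte more than `char input_password[8]` holds, and it leaves the rest of a long line in stdin for the next read. The sketch below measures that size on a safely sized buffer and shows a bounded read that rejects over-long input and drains the line; `bytes_stored_by_8s`, `read_password` and `PW_LEN` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

#define PW_LEN 7   /* password characters compared on the page */

/* Bytes "%8s" stores for a long token: 8 characters plus the NUL.
 * dst is 9 bytes here so that this measurement is itself in bounds. */
size_t bytes_stored_by_8s(const char *token) {
    char dst[9];
    if (sscanf(token, "%8s", dst) != 1) return 0;
    return strlen(dst) + 1;
}

/* Bounded read (hypothetical helper): accepts at most PW_LEN characters
 * and never leaves the tail of an over-long line for a later prompt.
 * Returns 0 on success, -1 if the line was too long, -2 on EOF/error. */
int read_password(FILE *in, char out[PW_LEN + 1]) {
    char line[PW_LEN + 2];                  /* chars + '\n' + NUL */
    if (fgets(line, sizeof line, in) == NULL) return -2;
    size_t n = strcspn(line, "\n");
    int complete = (line[n] == '\n') || feof(in);
    if (!complete) {                        /* drain the rest of the line */
        int c;
        while ((c = fgetc(in)) != '\n' && c != EOF) { }
    }
    if (!complete || n > PW_LEN) return -1;
    memcpy(out, line, n);
    out[n] = '\0';
    return 0;
}

int main(void) {
    char pw[PW_LEN + 1];
    printf("\"%%8s\" stores %zu bytes\n", bytes_stored_by_8s("AAAAAAAAAAAAAAAA"));
    printf("Enter your password: ");
    int rc = read_password(stdin, pw);
    puts(rc == 0 ? "accepted" : rc == -1 ? "rejected: too long" : "no input");
    return 0;
}
```

With the posted source's buffer sizes, the equivalent one-line change is a field width of 7 (`%7s`), which keeps the NUL inside the 8-byte array but still leaves extra input for the menu unless the line is drained as above.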


