I am learning about code auditing, and I have a question relating to the argc/argv[] variables. I think that the argc is an integer type, so would enough command line arguments overflow the buffer? I know that it's a stretch, but I am looking for the third vulnerability in our practice program, and I can't find it. Any advice would be great!
Thanks for reading this!
Stephen
If your going that route I would check the sizeof(argc) just to see what your dealing with, .i.e is it an unsigned char, unsigned short or whatever
Just to see what size of variables are accepted
I am learning about code auditing, and I have a question relating to the argc/argv[] variables. I think that the argc is an integer type, so would enough command line arguments overflow the buffer? I know that it's a stretch, but I am looking for the third vulnerability in our practice program, and I can't find it. Any advice would be great!
If the host environment is going to provide them, I wouldn't expect it to give you something that overflows. Rather, if the possibility of overflow were available, I would expect the host environment to do something like make argc zero to avoid the potential issue.
If your going that route I would check the sizeof(argc) just to see what your dealing with, .i.e is it an unsigned char, unsigned short or whatever
Just to see what size of variables are accepted
???
If you have an argc, it's an int.
I know that it's a stretch, but I am looking for the third vulnerability in our practice program, and I can't find it.
It's a big stretch. Even with the minimum range of int and no safeguards by the runtime, there would have to be 32,768 command line arguments to overflow argc. Your practice program probably has a different third vulnerability. Is it possible to post the code?
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.