Buffer Overflow

 

Part 2: Buffer Overflow [30 points]

Question 1: Draw and explain a function stack. Be sure to communicate what is happening and what will happen when the strcpy occurs. Use the following C code to depict the stack/heap, like slides 15 in the buffer overflow teaching materials. [20 points]

#include <string.h>

int buffered (char *str);

int main () // think of main like P
{
    int returnedvalue;

    /* In C, a function can return values */
    /* Now you are passing a string into buffered */
    /* the function buffered returns a value */
    returnedvalue = buffered ("12345678910");

    /* think of bof as Q; don't forget your parameters */
    return 0;
}

int buffered (char *str)
{
    char mybuffer [10];
    strcpy (mybuffer, str);
    return 1;
}

 

Question 2: Is the following code segment safe? Explain why or why not. [10 points]

/* Assume this function can be called from a C program */
#include <stdlib.h>
#include <string.h>

int bof (char *str, int size)
{
    char *buffer = (char *) malloc (size);
    strcpy (buffer, str);
    return 1;
}

Note: malloc is a C library function that allocates space of a specific size.
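For comparison, bounded versions of the two copy routines above, as an added example that is not part of the original assignment. The names buffered_safe and bof_safe and the -1 error return are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical bounded counterpart of buffered(): refuse the copy when
   the string plus its terminating NUL does not fit in mybuffer. */
int buffered_safe(const char *str)
{
    char mybuffer[10];
    size_t need;

    if (str == NULL)
        return -1;
    need = strlen(str) + 1;          /* characters + '\0' */
    if (need > sizeof mybuffer)
        return -1;                   /* "12345678910" needs 12 bytes */
    memcpy(mybuffer, str, need);
    return 1;
}

/* Hypothetical bounded counterpart of bof(): check size against the real
   string length, and check the malloc result before writing. */
int bof_safe(const char *str, int size)
{
    char *buffer;
    size_t need;

    if (str == NULL || size <= 0)
        return -1;
    need = strlen(str) + 1;
    if (need > (size_t)size)
        return -1;                   /* caller-supplied size too small */
    buffer = malloc((size_t)size);
    if (buffer == NULL)
        return -1;                   /* allocation failed */
    memcpy(buffer, str, need);
    free(buffer);                    /* released here; bof() never frees */
    return 1;
}

int main(void)
{
    /* Constructed inputs: the assignment's string and a caller size. */
    int a = buffered_safe("12345678910");   /* rejected: -1 */
    int b = bof_safe("12345678910", 12);    /* accepted: 1 */
    return (a == -1 && b == 1) ? 0 : 1;
}
```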