/* * program to show problems with gets() * * NOTE: buffer overflow causes an abort if compiled with gcc * to demonstrate what happens, use -fno-stact-protector * * Matt Bishop, ECS 36A * * October 15, 2019 -- from a buffer overflow program */ #include int main(void) { int i = 4; /* before the buffer */ char buf[10]; /* input buffer */ int j = 5; /* after the buffer */ /* * read the input */ if (gets(buf) == NULL){ printf("Didn't read anything!\n"); return(1); } /* * print out result; on buffer overflow, * i or j may change (or both, depending * on where the compiler puts them) */ printf("Buffer is %s, i = %d, j = %d\n", buf, i, j); printf("Buffer is %s, i = %0x, j = %0x\n", buf, i, j); /* done! */ return(0); }