/*
 * a demonstration of buffer overflow
 * the goal: get it to print out "bad"
 * by branching to it (or "good")
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * the first uncalled routine
 */
void good(void)
{
	printf("good\n");
}
    
/*
 * the second uncalled routine
 */
void bad(void){
	printf("bad\n");
}

/*
 * the routine with the bug (er, vulnerability)
 */
void vuln(char *str)
{
    char outbuf[512];		/* a buffer to overflow */
    char buffer[512];		/* input buffer */

    /* print a bogus error message -- note it is */
    /* GUARANTEED not to overflow buffer!        */
    sprintf(buffer, "ERR Wrong command: %.400s", str);

    /* copy it -- and overflow can occur here */
    sprintf(outbuf, buffer);

    /* print what you put into that buffer */
    printf("outbuf: %s\n", outbuf);
}

/*
 * the starting point -- process the first arg
 */
int main(int argc, char *argv[])
{
	/* check for the right number of arguments */
	if (argc != 2){
		fprintf(stderr, "%s: need a format string as argument\n", argv[0]);
		return(1);
	}

	/* now process it! */
	vuln(argv[1]);
	
	/* all done ... */
	return(0);
}