Notes from CPNT-260 at SAIT.

high  ---------
        | Stack |
        ---------
        | Heap  |
        ---------
        | Data  |
        ---------
        | Code  |
        ---------
        | OS    |
  low   ---------

Memory Organization (x86)

low   ----------------------
        |                     |
        ----------------------
        | Local Variables     |
        ----------------------
        | Saved Frame Pointer |
        ----------------------
        | Retrun Address      |
        ----------------------
        | Parameter           |
  high  ----------------------
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int check_password(char *pwd) 
{
  int auth_flag = 0;
  char password_flag[5];

  strcpy(password_buffer, pwd);

  if (strcmp(password_buffer, "love") == 0)
    auth_flag = 1
  if (strcmp(password_buffer, "god") == 0)
    auth_flag = 1
  if (strcmp(password_buffer, "sex") == 0)
    auth_flag = 1
  return auth_flag;
}

int main(int argc, char *argv[]) 
{
  if ( check_password(argv[1]) ) 
  {
    printf("*** Access Granted ***\n");
  } else {
    printf("!!! Access Denied !!!\n");
  }
}
$ gcc -o buff buff.c
$ ./buff test
!!! Access Denied !!!
$ ./buff love
*** Access Granted ***
$ ./buff secret
*** Access Granted ***
comments powered by Disqus