/*
    attack.c
    Tanya Amert, Fall 2023

    Exploring buffer-overflow attacks.

    Compile for debugging via gdb:

        gcc -g -Og -o attack attack.c

    Compile without stack-corruption detection (dangerous!):

        gcc -g -Og -fno-stack-protector -o attack attack.c

    Run with no command-line arguments:

        ./attack
*/

#include <stdio.h>

// A demonstration of how to be vulnerable to a buffer-overflow
// attack.  Try this out and type in strings longer than 3
// characters, then watch the chaos!
//
// Also, just don't use gets.  Seriously.  Ever.
int main()
{
    char s1[4] = { 'a', 'b', 'c', '\0' };
    char s2[4] = { 'x', 'y', 'z', '\0' };

    printf("// Before:\n");
    printf("s1: %s\n", s1);
    printf("s2: %s\n\n", s2);

    // Original version, with a simple addition:
    s1[3] = '$';
    s1[4] = '!';

    // New version, so much worse, vulnerable to buffer-overflow attacks:
    // (comment-out the above chunk and uncomment this one)
    // printf("Please enter a new string: ");
    // gets(s1); // DO NOT USER EVER

    printf("\n// After:\n");
    printf("s1: %s\n", s1);
    printf("s2: %s\n", s2);

    return 0;
}