
Segmentation fault

Open Zerotistic opened this issue 1 year ago • 1 comment

As the title implies, entering a lengthy string can cause a segmentation fault. Using scanf("%s") without specifying the maximum length of the input string can be hazardous, and I suggest taking measures to address this issue. One way to accomplish this is to indicate the maximum length of the string that will be received. For instance, if the buffer size is 50, using scanf("%49s") will ensure that at most 49 characters are read into the buffer. It's also a good practice to check the return value of scanf to make sure that the expected number of input items has been successfully read. If scanf returns a value less than the number of expected input items, it means that there was an error or end-of-file condition.

Proof of segfault: [image]

In gdb: [image]

As is evident, gaining control of the rip register can result in the possibility of Remote Code Execution (RCE).

Using sprintf() is also dangerous and should be avoided, too.

Zerotistic avatar Mar 08 '23 20:03 Zerotistic
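The fix the issue describes (a width-limited scanf, a checked return value, and snprintf in place of sprintf), as an added example that is not code from the Mini-Voting-System repository. The 50-byte buffer matches the illustration in the issue; the names read_token, format_ballot_line, ballot_line_fits and VOTER_NAME_LEN, and the use of POSIX fmemopen() to feed constructed input through a FILE, are assumptions of this example. It also goes one step beyond the issue text: when the token is longer than the buffer, the remainder is drained so it does not spill into the next read.

```c
/* Added example (not the project's code): bounded replacements for the
 * scanf("%s") and sprintf() patterns named in the issue. All names here are
 * hypothetical. */
#define _POSIX_C_SOURCE 200809L   /* fmemopen() for the constructed input */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define VOTER_NAME_LEN 50   /* assumed buffer size, as in the issue's "%49s" example */

/* The unsafe pattern from the issue, kept only as a comment:
 *     char name[VOTER_NAME_LEN];
 *     scanf("%s", name);      no width: input longer than 49 chars overflows
 */

/* Read one whitespace-delimited token into buf, writing at most size bytes
 * (terminator included). Returns 1 on a clean read, 0 on EOF/error before a
 * token was read, and -1 if the token was longer than the buffer; in that
 * case the excess is consumed so the next read starts at the next token. */
int read_token(FILE *in, char *buf, size_t size)
{
    char fmt[16];
    int c;

    if (size < 2)
        return 0;
    /* Derive "%49s" from the buffer size rather than hard-coding the width. */
    snprintf(fmt, sizeof fmt, "%%%us", (unsigned)(size - 1));
    /* Check the conversion count, as the issue recommends. */
    if (fscanf(in, fmt, buf) != 1)
        return 0;
    if (strlen(buf) < size - 1)
        return 1;                 /* token fit with room to spare */

    /* Buffer is full: peek to see whether the token ended exactly here. */
    c = fgetc(in);
    if (c == EOF || isspace((unsigned char)c)) {
        if (c != EOF)
            ungetc(c, in);
        return 1;
    }
    /* Oversized token: drain the rest so it cannot leak into later reads. */
    while (c != EOF && !isspace((unsigned char)c))
        c = fgetc(in);
    if (c != EOF)
        ungetc(c, in);
    return -1;
}

/* snprintf in place of sprintf: returns 1 when the line fit, 0 if truncated. */
int format_ballot_line(char *out, size_t size, const char *name, int votes)
{
    int n = snprintf(out, size, "%s: %d votes", name, votes);
    return n >= 0 && (size_t)n < size;
}

/* Convenience wrapper so callers can probe whether a given size suffices. */
int ballot_line_fits(size_t size, const char *name, int votes)
{
    char out[128];
    if (size > sizeof out)
        size = sizeof out;
    return format_ballot_line(out, size, name, votes);
}

struct demo_result {
    int first_status;            /* -1: first token was truncated */
    size_t first_len;            /* 49: buffer filled to its limit, not past it */
    int second_status;           /* 1: next token read cleanly */
    char second[VOTER_NAME_LEN]; /* "bob": no leftover 'A's */
};

/* Constructed scenario: a 120-character token (longer than the 50-byte
 * buffer) followed by a short one, served through an in-memory FILE. */
struct demo_result demo_overlong(void)
{
    char input[128];
    char name[VOTER_NAME_LEN];
    struct demo_result r = {0};
    FILE *in;

    memset(input, 'A', 120);
    memcpy(input + 120, " bob", 5);       /* copies the terminator too */
    in = fmemopen(input, strlen(input), "r");
    if (!in)
        return r;
    r.first_status = read_token(in, name, sizeof name);
    r.first_len = strlen(name);
    r.second_status = read_token(in, r.second, sizeof r.second);
    fclose(in);
    return r;
}

int main(void)
{
    struct demo_result r = demo_overlong();
    printf("first read: status %d, %zu chars stored\n", r.first_status, r.first_len);
    printf("second read: status %d, token \"%s\"\n", r.second_status, r.second);
    printf("ballot line fits in 8 bytes: %d, in 64 bytes: %d\n",
           ballot_line_fits(8, "Alice", 3), ballot_line_fits(64, "Alice", 3));
    return 0;
}
```

Building the format string from the buffer size keeps the width and the array length from drifting apart when one of them is changed later; the -1 return lets the caller decide whether to reject the oversized input or accept the truncated value.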

I can give this a shot, wanna assign me?

AvirukBasak avatar Aug 26 '23 15:08 AvirukBasak