这个C程序的漏洞是什么？ [英] What is the vulnerability of this C program ?

问题描述

void custom_func(char *param1, int param2, double param3)
{
	char local[30];
	strcpy(local, param1);
}

int main(int argc, char** argv)
{
	custom_func(argv[1], 0, 30.30);
}

我的尝试：



我正试图找到一个漏洞!!以及程序中有多少漏洞...... !!所以请任何人有任何想法..请帮助我!!

What I have tried:

am trying to find a vulnerability !! and how many vulnerability is in a program... !! so please anybody have any idea.. please help me !!

推荐答案

我们不打算为你做功课 - 这是有原因的。它就是为了让你思考你被告知的事情，并试着理解它。它也在那里，以便您的导师可以识别您身体虚弱的区域，并将更多的注意力集中在补救措施上。

亲自尝试，您可能会发现它并不像您想象的那么难！ />


但是我会给你一个提示：如果我从命令行运行它会发生什么：

We aren''t going to do your homework for you - it is set for a reason. It is there so that you think about what you have been told, and try to understand it. It is also there so that your tutor can identify areas where you are weak, and focus more attention on remedial action.
Try it yourself, you may find it is not as difficult as you think!

But I''ll give you a hint: what happens if I run it from the command line like this:

myApp "Call me Ishmael. Some years ago- never mind how long precisely- having little or no money in my purse, and nothing particular to interest me on shore, I thought I would sail about a little and see the watery part of the world."

可能会产生什么影响？

What effects might that have?

这篇关于这个C程序的漏洞是什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！