Firstly, the example given wouldn't compile because strcat and strlen are defined in "cstring", which is not included as a library in the code. Secondly, the program will more than likely crash after every run attempt due to the fact that the 200-byte array is not being initialized to 0, thus causing an unintentional buffer overflow.
This should be the replacement:
char concatenated[200] = {0};
Also, to trigger a buffer overflow (i.e. to overwrite the value of is_pass_correct) the variables need to be contiguous in memory; there is no way to enforce this.
Anyway, if you're up to the "buffer overflow" section, the only hint I can give you is to look at the code and realize you're attempting to overwrite the value of a variable to trigger a "correct" response. How would you trigger a correct response? What value needs to be returned in order for that to happen? It has been mentioned in this thread that it is a single capital letter. This should be informative enough.
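An added example, not part of the original post or the challenge code: it shows why the initializer matters to strcat (which starts appending at the first NUL byte it finds) and a length-checked way to build the concatenated string. The names `append_offset` and `concat_checked` and the sample buffers are hypothetical, constructed for illustration.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>

// Hypothetical helper: the offset at which strcat would begin writing, found
// with a bounded scan. Returns `size` when the array holds no NUL at all,
// meaning strcat would keep scanning past the end of the array.
std::size_t append_offset(const char *buf, std::size_t size)
{
    const void *nul = std::memchr(buf, '\0', size);
    return nul ? static_cast<std::size_t>(static_cast<const char *>(nul) - buf)
               : size;
}

// Hypothetical helper: writes a followed by b into dst without ever writing
// past dst_size bytes. Returns 0 on success, -1 if the result plus its
// terminating NUL would not fit (dst is then left as an empty string).
int concat_checked(char *dst, std::size_t dst_size, const char *a, const char *b)
{
    if (dst == nullptr || a == nullptr || b == nullptr || dst_size == 0)
        return -1;
    dst[0] = '\0';  // start from an empty string, like the {0} initializer
    std::size_t la = std::strlen(a);
    std::size_t lb = std::strlen(b);
    // Require la + lb + 1 <= dst_size, written so the sum cannot wrap around.
    if (la >= dst_size || lb >= dst_size - la)
        return -1;
    std::memcpy(dst, a, la);
    std::memcpy(dst + la, b, lb + 1);  // lb + 1 also copies b's NUL
    return 0;
}

int main()
{
    char stale[200];
    std::memset(stale, 'X', sizeof stale);  // constructed stand-in for leftover stack bytes
    char zeroed[200] = {0};                 // the replacement from the post

    std::printf("stale:  strcat would append at offset %zu of %zu\n",
                append_offset(stale, sizeof stale), sizeof stale);
    std::printf("zeroed: strcat would append at offset %zu\n",
                append_offset(zeroed, sizeof zeroed));

    char out[8];
    std::printf("fits: %d, too long: %d\n",
                concat_checked(out, sizeof out, "abc", "defg"),
                concat_checked(out, sizeof out, "abcd", "efgh"));
    return 0;
}
```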