You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Airport Booking Management System in C with Source Code v1.0 - Buffer Overflow
Author: YANG HUA
In the main program file, a buffer overflow vulnerability exists on line 73 due to the use of the unsafe function. This function is used to capture input for , but it does not limit the size of input, allowing an attacker to enter a string that exceeds the allocated buffer size of 6 bytes for . This overflow can overwrite adjacent memory, leading to potential memory corruption or control flow hijacking.
Line 73: The buffer overflow occurs when the function handles input for without restricting the length of the input. Since is only 6 bytes in size, entering more than 6 characters causes a buffer overflow, overwriting adjacent memory.
Vulnerability Cause
The use of to capture input for does not limit the input size, while the buffer is defined with only 6 bytes. This allows an attacker to enter data exceeding this size, leading to a buffer overflow in the field.
How to exploit
Run the main program and select option 1 to enter the vulnerable function.
Input a long sequence of characters (e.g., multiple '1's) as the passport number. This input overflows the buffer, leading to memory corruption and potentially overwriting adjacent variables or control structures.
An attacker can leverage this vulnerability by inputting more characters than can hold, causing memory overflow. This can lead to adjacent memory corruption and potentially arbitrary code execution.
Solution
Replace gets() with a safer alternative like to limit the size of input:fgets()
printf("\n\t Enter your passport number: ");
fgets(stream->passport, sizeof(stream->passport), stdin); // Safer input handling
fflush(stdin);
Implement input validation to ensure the length of the input does not exceed the allocated buffer size.
The text was updated successfully, but these errors were encountered:
Airport Booking Management System in C with Source Code v1.0 - Buffer Overflow
Author: YANG HUA
In the main program file, a buffer overflow vulnerability exists on line 73 due to the use of the unsafe function. This function is used to capture input for , but it does not limit the size of input, allowing an attacker to enter a string that exceeds the allocated buffer size of 6 bytes for . This overflow can overwrite adjacent memory, leading to potential memory corruption or control flow hijacking.
Supplier
Vulnerability location
Vulnerability Cause
How to exploit
Solution
The text was updated successfully, but these errors were encountered: