In the given C program, which vulnerability arises when argv[1] is copied into a fixed-size buffer?


Multiple Choice

In the given C program, which vulnerability arises when argv[1] is copied into a fixed-size buffer?

Explanation:
This question tests a buffer overflow vulnerability that happens when untrusted input is copied into a fixed-size buffer without bounds checking. In C, if data from argv[1] is copied into a small local buffer using a function like strcpy, the copy continues until a null terminator is reached, regardless of the buffer's capacity. If argv[1] is longer than the buffer, the extra bytes overwrite adjacent memory, which can corrupt data or even overwrite the program's control flow, such as the return address. This can lead to a crash or, in the worst case, arbitrary code execution.

This isn't about SQL statements being built from input (SQL Injection), nor about formatting the input as a string for printf-style functions (Format String Bug). It also isn't about injecting into the kernel. The described scenario specifically matches a buffer overflow caused by copying oversized input into a fixed-size buffer. Mitigations include bounds-safe operations (like strncpy or snprintf with explicit size), proper input validation, dynamic allocation, and defensive compilation options (stack canaries, ASLR).
