Question

Explain in detail what this code does, Whats the flow in it, and whats the risk that its creating and what can i do to fix it? (c language)
*please explain it like im a 5 year old and write the code because i dont know alot about buffer overflow or pointers lol <3
#include
#include
int main (int argc, char ** argv)
{
char buffer[500];
strcpy(buffer, argv[1]);

return 0;
}

Answer 1

Answer:

The buffer has room for 499 characters (you always have to reserve 1 for the terminating \0 character).

The code copies all characters passed in the commandline (argv[1]) into this buffer without checking. If there are more than 499 characters supplied, these will be copied into a memory location that is not intended for it. This will probably cause your program to crash, but if the extra data is somehow executed by the processor as if it were a program, this could be a way to sneak a virus into your computer.

So, while copying data, it is important to always limit the maximum amount to the allocated space.