How NOT To Write Code

This page contains some of the snippets written
for the second edition of "Hack Proofing Your
Network," published by Syngress.

These source files demonstrate rudimentary
programming errors that may be exploited.

  1. fmtstr.c - A format string problem
  2. getsbufo - A buffer overflow using gets()
  3. mtmprace.c - A program that uses mktemp()
  4. scpybufo - A buffer overflow using strcat()
  5. scpybufo - A buffer overflow using strcpy()
  6. sncpyfix - A fixed version of scpybufo
  7. sprbufo - A buffer overflow using sprintf()
  8. bad.tgz - All source files, tarred and gzip'd

Source Archive


Last Updated: September 08, 2002