| タイトル | SourceCodester Simple Computer Store System v1.0 Buffer Overflow |
|---|
| 説明 | The program uses the unsafe gets() function to read input into the PC.RAM buffer, which is a fixed-size character array (char RAM[100]). Since gets() does not perform any bounds checking, providing more than 100 characters will overflow the buffer and overwrite adjacent memory, leading to a classic stack buffer overflow vulnerability.
An attacker can exploit this by crafting input that overwrites control data such as the return address, enabling arbitrary code execution or program crashes. |
|---|
| ソース | ⚠️ https://github.com/byxs0x0/cve/issues/6 |
|---|
| ユーザー | wanglun (UID 73616) |
|---|
| 送信 | 2025年05月27日 04:11 (11 月 ago) |
|---|
| モデレーション | 2025年05月28日 08:16 (1 day later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 310421 [SourceCodester Computer Store System 1.0 main.c Add laptopcompany/RAM/Processor メモリ破損] |
|---|
| ポイント | 20 |
|---|