Final Exam. May 8, 2001. Question 2

Explain in detail exactly how a malignant user may take advantage of the following program to breach security. In your explanation, give what conditions must be present (i.e. who owns the program, who is running the program, what kind of security breach can occur and exactly how the breach occurs).

Assume the network connection is a file descriptor for a standard socket connection.

char *get_text(int fd)
{
  char buffer[100];
  int i;
  int c;

  i = 0;
  while(1) {
    n = read(fd, &c, 1);
    if (n == 0) {
      buffer[i] = '\0';
      return strdup(buffer);
    } else {
      buffer[i] = c;
      i++;
    }
  }
}

main()
{
  int fd;
  char *lines[10000];
  int nl;
  int beginning;

  for (i = 0; i < 10000; i++) {
    fd = get_network_connection();
    lines[i] = get_text(fd);
  }
  for (i = 9999; i >= 0; i--) printf("%d %s", i, lines[i]);
}