• Category: misc
• Points: 100
• Description:

You should fix vulnerabilities of the given source code, WITHOUT changing its normal behaviour.

## Write-up

So the task is to fix all vulnerabilities in a given C++ program:

```cpp
#include <vector>
#include <iostream>
#include <windows.h>

using namespace std;

int main() {
    vector<char> str(MAX_PATH);

    cout << "Enter your name: ";
    cin >> str.data();

    cout << "Hello " << str.data() << " :)" << endl;

    return -14;
}
```


The program is short and the problem is easy to spot. `str` is a `vector<char>` with `MAX_PATH` entries preallocated. The name is then read from `cin` into `str.data()`, which is a raw pointer (a `char*`) to the vector's underlying storage. Reading through the raw pointer performs no bounds checking and allocates no additional memory, so any name that does not fit in the preallocated storage is written past its end: a classic buffer overflow. Replacing the vector with a `string` solves this issue, because `cin >> str` grows the string as needed.

```cpp
#include <iostream>
#include <string>

using namespace std;

int main()
{
    //vector<char> str(MAX_PATH);
    string str;

    cout << "Enter your name: ";
    cin >> str;

    cout << "Hello " << str << " :)" << endl;

    return -14;
}
```
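Why `string` is the better fix given the "without changing its normal behaviour" requirement, as an added example that is not part of the original write-up: a width-limited read into a fixed buffer is also memory-safe, but it truncates long names and leaves the remainder in the stream, while `string` returns the whole token. `kBufSize` is a hypothetical small stand-in for `MAX_PATH`, and the function names and input are constructed for illustration.

```cpp
#include <cstddef>
#include <iomanip>
#include <iostream>
#include <sstream>
#include <string>

// Hypothetical stand-in for MAX_PATH, kept small so truncation is visible.
constexpr std::size_t kBufSize = 8;

// Bounded read into a fixed buffer: with setw(kBufSize), operator>> stores
// at most kBufSize - 1 characters followed by the terminating '\0'.
// Anything beyond that stays in the stream for the next read.
std::string read_name_bounded(std::istream& in) {
    char buf[kBufSize] = {};
    in >> std::setw(kBufSize) >> buf;
    return std::string(buf);
}

// The write-up's fix: std::string grows to hold the whole token,
// so there is no overflow and no truncation.
std::string read_name_string(std::istream& in) {
    std::string name;
    in >> name;
    return name;
}

int main() {
    // Constructed input: a 16-character first token, longer than kBufSize.
    const std::string input = std::string(16, 'A') + " rest";

    std::istringstream a(input);
    std::cout << "bounded:  " << read_name_bounded(a) << '\n';
    std::cout << "leftover: " << read_name_string(a) << '\n';

    std::istringstream b(input);
    std::cout << "string:   " << read_name_string(b) << '\n';
    return 0;
}
```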


After submitting the fixed program, we got the flag.

Easy and obvious… at least if you know anything about C/C++. This seems more like a 10-point warm-up challenge than 100 points… well.