312-50V10 · Question #223
What is the code written for?
The correct answer is A. Buffer Overflow. The code demonstrates buffer overflow vulnerability patterns, such as writing data beyond allocated buffer boundaries without proper bounds checking.
Question
What is the code written for?
Exhibit
Options
- ABuffer Overflow
- BEncryption
- CDenial-of-service (DoS)
- DBruteforce
How the community answered
(27 responses)- A74% (20)
- B15% (4)
- C7% (2)
- D4% (1)
Why each option
The code demonstrates buffer overflow vulnerability patterns, such as writing data beyond allocated buffer boundaries without proper bounds checking.
Buffer overflow occurs when a program writes more data into a buffer than it can hold, overwriting adjacent memory regions. The code exhibits characteristics such as unchecked input lengths or unsafe memory copy operations - hallmarks of buffer overflow exploitation - that can allow an attacker to overwrite return addresses and hijack program control flow.
Encryption code involves cryptographic algorithms and key operations, not unbounded or unchecked memory writes into fixed-size buffers.
Denial-of-service code typically involves resource exhaustion or network flooding mechanisms, not direct manipulation of memory buffer boundaries.
Bruteforce code systematically iterates through possible credential or key values, which is unrelated to memory buffer manipulation.
Concept tested: Buffer overflow vulnerability identification in code
Source: https://owasp.org/www-community/vulnerabilities/Buffer_Overflow
Topics
Community Discussion
No community discussion yet for this question.
