ECCouncil Exam Questions

What attack will his program expose the web application to?

Kevin has been asked to write a short program to gather user input for a web application. He likes to keep his code neat and simple. He chooses to use printf(str) where he should have ideally used printf("%s", str). What attack will his program expose the web application to?

A. Format String Attack

B. Unicode Traversal Attack

C. SQL injection Attack

D. Cross Site Scripting

Explanation:
Format string attacks are a new class of software vulnerability discovered around 1999, previously thought harmless. Format string attacks can be used to crash a program or to execute harmful code. The problem stems from the use of unfiltered user input as the format string parameter in certain C functions that perform formatting, such as printf(). A malicious user may use the %s and %x format tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the %n format token, which commands printf() and similar functions to write the number of bytes formatted to the location pointed to by the corresponding argument, assuming that the corresponding argument exists and is of type int *.
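The two calls from the question side by side, as an added example that is not part of the original page. The helper names, the sample input and the explicit extra argument STAND_IN_STACK_WORD are assumptions made for this example; the extra argument stands in for the memory a real printf(str) would read, which keeps the demonstration's behaviour defined.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for "whatever sits where printf looks for its next
   argument"; passing it explicitly keeps this demo well defined. */
#define STAND_IN_STACK_WORD 0x5ec2e7u

/* Vulnerable pattern from the question: user input IS the format string. */
int render_vulnerable(char *out, size_t n, const char *user)
{
    return snprintf(out, n, user, STAND_IN_STACK_WORD);
}

/* Corrected pattern: fixed format string, user input is only data. */
int render_safe(char *out, size_t n, const char *user)
{
    return snprintf(out, n, "%s", user);
}

/* Review/detection helper: count conversion specifications in a string
   ("%%" is a literal percent sign and is not counted). */
int count_conversions(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }  /* skip the escaped percent */
        if (s[1] != '\0')
            count++;
    }
    return count;
}

int main(void)
{
    const char *input = "name=%08x";  /* constructed sample input */
    char a[64], b[64];
    render_vulnerable(a, sizeof a, input);
    render_safe(b, sizeof b, input);
    printf("vulnerable: %s\nsafe:       %s\nconversions: %d\n",
           a, b, count_conversions(input));
    return 0;
}
```

The vulnerable call prints a value the user never supplied, while the safe call echoes the input unchanged; a nonzero count_conversions() result on data that is about to be used as a format argument is worth flagging in code review or logging.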